openapi: 3.0.3 info: title: Infisical API description: List of all available APIs that can be consumed version: 0.0.1 components: securitySchemes: bearerAuth: type: http scheme: bearer bearerFormat: JWT description: An access token in Infisical schemas: {} paths: /api/v1/organization/roles: post: tags: - Organization Roles description: Create an organization role requestBody: required: true content: application/json: schema: type: object properties: slug: type: string minLength: 1 maxLength: 64 description: The slug of the role. name: type: string minLength: 1 description: The name of the role. description: type: string nullable: true description: The description for the role. permissions: type: array items: anyOf: - type: object properties: subject: type: string enum: - workspace description: The entity this permission pertains to. action: anyOf: - type: string enum: - create - type: array items: type: string enum: - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - project description: The entity this permission pertains to. action: anyOf: - type: string enum: - create - request-access - type: array items: type: string enum: - create - request-access minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - role description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - sub-organization description: The entity this permission pertains to. action: anyOf: - type: string enum: - create - edit - delete - direct-access - link-group - type: array items: type: string enum: - create - edit - delete - direct-access - link-group minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - member description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - settings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - incident-contact description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - sso description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - bypass-sso-enforcement - type: array items: type: string enum: - read - create - edit - delete - bypass-sso-enforcement minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - scim description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - github-org-sync description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - github-org-sync-manual description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ldap description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - groups description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - add-identities - add-members - remove-members - remove-identities - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - add-identities - add-members - remove-members - remove-identities minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - billing description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - manage-billing - type: array items: type: string enum: - read - manage-billing minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - identity description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - revoke-auth - create-token - get-token - delete-token - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - revoke-auth - create-token - get-token - delete-token minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kms description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - audit-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - project-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - app-connections description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - connect - rotate-credentials - type: array items: type: string enum: - read - create - edit - delete - connect - rotate-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - organization-admin-console description: The entity this permission pertains to. action: anyOf: - type: string enum: - access-all-projects - type: array items: type: string enum: - access-all-projects minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-share description: The entity this permission pertains to. action: anyOf: - type: string enum: - manage-settings - type: array items: type: string enum: - manage-settings minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kmip description: The entity this permission pertains to. action: anyOf: - type: string enum: - proxy - type: array items: type: string enum: - proxy minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - machine-identity-auth-template description: The entity this permission pertains to. action: anyOf: - type: string enum: - list-templates - edit-templates - create-templates - delete-templates - unlink-templates - attach-templates - type: array items: type: string enum: - list-templates - edit-templates - create-templates - delete-templates - unlink-templates - attach-templates minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - gateway description: The entity this permission pertains to. action: anyOf: - type: string enum: - create-gateways - list-gateways - edit-gateways - delete-gateways - attach-gateways - revoke-gateway-access - type: array items: type: string enum: - create-gateways - list-gateways - edit-gateways - delete-gateways - attach-gateways - revoke-gateway-access minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - gateway-pool description: The entity this permission pertains to. action: anyOf: - type: string enum: - create-gateway-pools - list-gateway-pools - edit-gateway-pools - delete-gateway-pools - attach-gateway-pools - type: array items: type: string enum: - create-gateway-pools - list-gateway-pools - edit-gateway-pools - delete-gateway-pools - attach-gateway-pools minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - relay description: The entity this permission pertains to. action: anyOf: - type: string enum: - create-relays - list-relays - edit-relays - delete-relays - revoke-relay-access - type: array items: type: string enum: - create-relays - list-relays - edit-relays - delete-relays - revoke-relay-access minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kmip-server description: The entity this permission pertains to. action: anyOf: - type: string enum: - create-kmip-servers - list-kmip-servers - edit-kmip-servers - delete-kmip-servers - revoke-kmip-server-access - type: array items: type: string enum: - create-kmip-servers - list-kmip-servers - edit-kmip-servers - delete-kmip-servers - revoke-kmip-server-access minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - email-domains description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - verify-domain - delete - type: array items: type: string enum: - read - create - verify-domain - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-manager description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - manage-instance - manage-settings - type: array items: type: string enum: - read - manage-instance - manage-settings minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - honey-tokens description: The entity this permission pertains to. action: anyOf: - type: string enum: - setup - type: array items: type: string enum: - setup minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - oauth-clients description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false description: The permissions assigned to the role. required: - slug - name - permissions additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: role: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time orgId: type: string format: uuid required: - id - name - slug - permissions - createdAt - updatedAt - orgId additionalProperties: false required: - role additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: tags: - Organization Roles description: List organization roles security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: roles: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time orgId: type: string format: uuid required: - id - name - slug - createdAt - updatedAt - orgId additionalProperties: false required: - roles additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/organization/roles/{roleId}: get: tags: - Organization Roles description: Get an organization role parameters: - schema: type: string in: path name: roleId required: true description: The ID of the role to get. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: role: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time orgId: type: string format: uuid required: - id - name - slug - permissions - createdAt - updatedAt - orgId additionalProperties: false required: - role additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - Organization Roles description: Update an organization role requestBody: required: true content: application/json: schema: type: object properties: slug: type: string minLength: 1 maxLength: 64 description: The slug of the role. name: type: string description: The name of the role. description: type: string nullable: true description: The description for the role. permissions: type: array items: anyOf: - type: object properties: subject: type: string enum: - workspace description: The entity this permission pertains to. action: anyOf: - type: string enum: - create - type: array items: type: string enum: - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - project description: The entity this permission pertains to. action: anyOf: - type: string enum: - create - request-access - type: array items: type: string enum: - create - request-access minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - role description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - sub-organization description: The entity this permission pertains to. action: anyOf: - type: string enum: - create - edit - delete - direct-access - link-group - type: array items: type: string enum: - create - edit - delete - direct-access - link-group minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - member description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - settings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - incident-contact description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - sso description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - bypass-sso-enforcement - type: array items: type: string enum: - read - create - edit - delete - bypass-sso-enforcement minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - scim description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - github-org-sync description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - github-org-sync-manual description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ldap description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - groups description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - add-identities - add-members - remove-members - remove-identities - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - add-identities - add-members - remove-members - remove-identities minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - billing description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - manage-billing - type: array items: type: string enum: - read - manage-billing minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - identity description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - revoke-auth - create-token - get-token - delete-token - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - revoke-auth - create-token - get-token - delete-token minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kms description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - audit-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - project-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - app-connections description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - connect - rotate-credentials - type: array items: type: string enum: - read - create - edit - delete - connect - rotate-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - organization-admin-console description: The entity this permission pertains to. action: anyOf: - type: string enum: - access-all-projects - type: array items: type: string enum: - access-all-projects minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-share description: The entity this permission pertains to. action: anyOf: - type: string enum: - manage-settings - type: array items: type: string enum: - manage-settings minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kmip description: The entity this permission pertains to. action: anyOf: - type: string enum: - proxy - type: array items: type: string enum: - proxy minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - machine-identity-auth-template description: The entity this permission pertains to. action: anyOf: - type: string enum: - list-templates - edit-templates - create-templates - delete-templates - unlink-templates - attach-templates - type: array items: type: string enum: - list-templates - edit-templates - create-templates - delete-templates - unlink-templates - attach-templates minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - gateway description: The entity this permission pertains to. action: anyOf: - type: string enum: - create-gateways - list-gateways - edit-gateways - delete-gateways - attach-gateways - revoke-gateway-access - type: array items: type: string enum: - create-gateways - list-gateways - edit-gateways - delete-gateways - attach-gateways - revoke-gateway-access minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - gateway-pool description: The entity this permission pertains to. action: anyOf: - type: string enum: - create-gateway-pools - list-gateway-pools - edit-gateway-pools - delete-gateway-pools - attach-gateway-pools - type: array items: type: string enum: - create-gateway-pools - list-gateway-pools - edit-gateway-pools - delete-gateway-pools - attach-gateway-pools minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - relay description: The entity this permission pertains to. action: anyOf: - type: string enum: - create-relays - list-relays - edit-relays - delete-relays - revoke-relay-access - type: array items: type: string enum: - create-relays - list-relays - edit-relays - delete-relays - revoke-relay-access minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kmip-server description: The entity this permission pertains to. action: anyOf: - type: string enum: - create-kmip-servers - list-kmip-servers - edit-kmip-servers - delete-kmip-servers - revoke-kmip-server-access - type: array items: type: string enum: - create-kmip-servers - list-kmip-servers - edit-kmip-servers - delete-kmip-servers - revoke-kmip-server-access minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - email-domains description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - verify-domain - delete - type: array items: type: string enum: - read - create - verify-domain - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-manager description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - manage-instance - manage-settings - type: array items: type: string enum: - read - manage-instance - manage-settings minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - honey-tokens description: The entity this permission pertains to. action: anyOf: - type: string enum: - setup - type: array items: type: string enum: - setup minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - oauth-clients description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false description: The permissions assigned to the role. additionalProperties: false parameters: - schema: type: string in: path name: roleId required: true description: The ID of the role to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: role: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time orgId: type: string format: uuid required: - id - name - slug - permissions - createdAt - updatedAt - orgId additionalProperties: false required: - role additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - Organization Roles description: Delete an organization role parameters: - schema: type: string in: path name: roleId required: true description: The ID of the role to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: role: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time orgId: type: string format: uuid required: - id - name - slug - permissions - createdAt - updatedAt - orgId additionalProperties: false required: - role additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/organization/roles/slug/{roleSlug}: get: tags: - Organization Roles description: Get an organization role by slug parameters: - schema: type: string in: path name: roleSlug required: true description: The slug of the role to get details. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: role: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time orgId: type: string format: uuid required: - id - name - slug - permissions - createdAt - updatedAt - orgId additionalProperties: false required: - role additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/sub-organizations: post: operationId: createSubOrganization tags: - Sub Organizations description: Create a sub organization requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The display name of the sub-organization (e.g. 'Acme Corp'). Allows alphanumeric characters, spaces, dashes, and underscores. slug: type: string minLength: 1 maxLength: 64 description: Optional. The slug of the sub-organization (e.g. 'acme-corp'). If not provided, it is auto-generated from the name. Must be lowercase with hyphens only. required: - name additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: organization: type: object properties: id: type: string format: uuid name: type: string slug: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time parentOrgId: type: string format: uuid nullable: true required: - id - name - slug - createdAt - updatedAt additionalProperties: false required: - organization additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listSubOrganizations tags: - Sub Organizations description: List of sub organizations parameters: - schema: type: number minimum: 1 maximum: 1000 default: 25 in: query name: limit required: false description: The number of sub organizations to return. - schema: type: number minimum: 0 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th sub organization. - schema: type: string in: query name: search required: false description: Optional. Filter sub organizations by name (case-insensitive substring match). - schema: type: string enum: - name default: name in: query name: orderBy required: false description: The field to order sub organizations by. Currently only 'name' is supported. - schema: type: string enum: - asc - desc default: asc in: query name: orderDirection required: false description: The direction to order sub organizations. Either 'asc' or 'desc'. - schema: type: string enum: - 'true' - 'false' in: query name: isAccessible required: false description: Filter to only return sub organizations that the actor has access to. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: organizations: type: array items: type: object properties: id: type: string format: uuid name: type: string slug: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time parentOrgId: type: string format: uuid nullable: true required: - id - name - slug - createdAt - updatedAt additionalProperties: false totalCount: type: number required: - organizations - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/sub-organizations/{subOrgId}: patch: operationId: updateSubOrganization tags: - Sub Organizations description: Update a sub organization requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: Optional. The display name of the sub-organization. When only the name is provided (no slug), both name and slug are updated. slug: type: string minLength: 1 maxLength: 64 description: Optional. The slug of the sub-organization. Can be updated independently when both name and slug are provided. additionalProperties: false parameters: - schema: type: string in: path name: subOrgId required: true description: The id of the sub organization to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: organization: type: object properties: id: type: string format: uuid name: type: string slug: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time parentOrgId: type: string format: uuid nullable: true required: - id - name - slug - createdAt - updatedAt additionalProperties: false required: - organization additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteSubOrganization tags: - Sub Organizations description: Delete a sub organization parameters: - schema: type: string in: path name: subOrgId required: true description: The id of the sub organization to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: organization: type: object properties: id: type: string format: uuid name: type: string slug: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time parentOrgId: type: string format: uuid nullable: true required: - id - name - slug - createdAt - updatedAt additionalProperties: false required: - organization additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/sub-organizations/{subOrgId}/memberships: post: operationId: createSubOrganizationMembership tags: - Sub Organizations description: Join a sub organization parameters: - schema: type: string in: path name: subOrgId required: true description: The id of the sub organization to create a membership in. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: organization: type: object properties: id: type: string format: uuid name: type: string slug: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time parentOrgId: type: string format: uuid nullable: true required: - id - name - slug - createdAt - updatedAt additionalProperties: false required: - organization additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/workspace/{workspaceId}/secret-snapshots: get: tags: - Projects description: Return project secret snapshots ids parameters: - schema: type: string in: query name: environment required: true description: The environment to get snapshots from. - schema: type: string default: / in: query name: path required: false description: The secret path to get snapshots from. - schema: type: number default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th snapshot. - schema: type: number default: 20 in: query name: limit required: false description: The number of snapshots to return. - schema: type: string in: path name: workspaceId required: true description: The ID of the project to get snapshots from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSnapshots: type: array items: type: object properties: id: type: string format: uuid envId: type: string format: uuid folderId: type: string format: uuid parentFolderId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - envId - folderId - createdAt - updatedAt additionalProperties: false required: - secretSnapshots additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/roles: post: tags: - Project Roles description: Create a project role requestBody: required: true content: application/json: schema: type: object properties: slug: type: string minLength: 1 maxLength: 64 description: The slug of the role. name: type: string minLength: 1 description: The name of the role. description: type: string nullable: true description: The description for the role. permissions: type: array items: anyOf: - type: object properties: subject: type: string enum: - secrets description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - describeSecret - readValue - create - edit - delete - type: array items: type: string enum: - read - describeSecret - readValue - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretTags: type: object properties: $in: type: array items: type: string minLength: 1 $all: type: array items: type: string minLength: 1 additionalProperties: false eventType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-folders description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-imports description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - dynamic-secrets description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read-root-credential - create-root-credential - edit-root-credential - delete-root-credential - lease - type: array items: type: string enum: - read-root-credential - create-root-credential - edit-root-credential - delete-root-credential - lease minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - identity description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - revoke-auth - create-token - get-token - delete-token - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - revoke-auth - create-token - get-token - delete-token minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: identityId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableSubject: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableAction: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-hosts description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-host-cert - type: array items: type: string enum: - read - create - edit - delete - issue-host-cert minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: hostname: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-subscribers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - list-certs - type: array items: type: string enum: - read - create - edit - delete - issue-cert - list-certs minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - list-certs - type: array items: type: string enum: - read - create - edit - delete - issue-cert - list-certs minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-rotation description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - read-generated-credentials - create - edit - delete - rotate-secrets - type: array items: type: string enum: - read - read-generated-credentials - create - edit - delete - rotate-secrets minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-syncs description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - sync-secrets - import-secrets - remove-secrets - type: array items: type: string enum: - read - create - edit - delete - sync-secrets - import-secrets - remove-secrets minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-syncs description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - sync-certificates - import-certificates - remove-certificates - type: array items: type: string enum: - read - create - edit - delete - sync-certificates - import-certificates - remove-certificates minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false subscriberName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-event-subscriptions description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - subscribe-to-creation-events - subscribe-to-update-events - subscribe-to-deletion-events - subscribe-to-import-mutation-events - type: array items: type: string enum: - subscribe-to-creation-events - subscribe-to-update-events - subscribe-to-deletion-events - subscribe-to-import-mutation-events minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-profiles description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - reveal-acme-eab-secret - rotate-acme-eab-secret - manage-application-attachments - type: array items: type: string enum: - read - create - edit - delete - issue-cert - reveal-acme-eab-secret - rotate-acme-eab-secret - manage-application-attachments minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: slug: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-policies description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-authorities description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - issue-ca-certificate - sign-intermediate - type: array items: type: string enum: - read - create - edit - delete - issue-ca-certificate - sign-intermediate minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificates description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - read-private-key - import - type: array items: type: string enum: - read - create - edit - delete - read-private-key - import minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: commonName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false altNames: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false serialNumber: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false friendlyName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false status: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-approval description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-rollback description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - type: array items: type: string enum: - read - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - member description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: userEmail: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableSubject: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableAction: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - groups description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: groupName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - role description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - integrations description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - webhooks description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - service-tokens description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - settings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - environments description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - tags description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - audit-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - insights description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ip-allowlist description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificate-authorities description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificate-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-host-groups description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-alerts description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-collections description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-inventory-views description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-discovery description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - run-scan - type: array items: type: string enum: - read - create - edit - delete - run-scan minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-certificate-installations description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - edit - delete - type: array items: type: string enum: - read - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - code-signers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - sign - type: array items: type: string enum: - read - create - edit - delete - sign minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - workspace description: The entity this permission pertains to. action: anyOf: - type: string enum: - edit - delete - type: array items: type: string enum: - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kms description: The entity this permission pertains to. action: anyOf: - type: string enum: - edit - type: array items: type: string enum: - edit minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - cmek description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - encrypt - decrypt - sign - verify - export-private-key - type: array items: type: string enum: - read - create - edit - delete - encrypt - decrypt - sign - verify - export-private-key minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kmip description: The entity this permission pertains to. action: anyOf: - type: string enum: - create-clients - update-clients - delete-clients - read-clients - generate-client-certificates - type: array items: type: string enum: - create-clients - update-clients - delete-clients - read-clients - generate-client-certificates minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - commits description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - perform-rollback - type: array items: type: string enum: - read - perform-rollback minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-data-sources description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-data-sources - create-data-sources - edit-data-sources - delete-data-sources - trigger-data-source-scans - read-data-source-scans - read-data-source-resources - type: array items: type: string enum: - read-data-sources - create-data-sources - edit-data-sources - delete-data-sources - trigger-data-source-scans - read-data-source-scans - read-data-source-resources minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-findings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-findings - update-findings - type: array items: type: string enum: - read-findings - update-findings minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-configs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-configs - update-configs - type: array items: type: string enum: - read-configs - update-configs minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - app-connections description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read-app-connections - create-app-connections - edit-app-connections - delete-app-connections - connect-app-connections - rotate-credentials - type: array items: type: string enum: - read-app-connections - create-app-connections - edit-app-connections - delete-app-connections - connect-app-connections - rotate-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-folders description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-resources description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false resourceType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-domains description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given domain. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-accounts description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - access - read - create - edit - delete - trigger-rotation - read-credentials - type: array items: type: string enum: - access - read - create - edit - delete - trigger-rotation - read-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: resourceName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false accountName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false resourceType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-sessions description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - terminate - type: array items: type: string enum: - read - terminate minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-account-policies description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-discovery description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - run-scan - type: array items: type: string enum: - read - create - edit - delete - run-scan minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-insights description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-endpoints description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - connect - type: array items: type: string enum: - read - create - edit - delete - connect minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-servers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-activity-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - honey-tokens description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - read-credentials - create - edit - reset - revoke - type: array items: type: string enum: - read - read-credentials - create - edit - reset - revoke minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - approval-requests description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - type: array items: type: string enum: - read - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - approval-request-grants description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - revoke - type: array items: type: string enum: - read - revoke minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-approval-request description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false description: The permissions assigned to the role. required: - slug - name - permissions additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: Id of the project to create the role for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: role: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string required: - id - name - slug - permissions - createdAt - updatedAt - projectId additionalProperties: false required: - role additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: tags: - Project Roles description: List project role parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: roles: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string required: - id - name - slug - createdAt - updatedAt - projectId additionalProperties: false required: - roles additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/roles/{roleId}: patch: tags: - Project Roles description: Update a project role requestBody: required: true content: application/json: schema: type: object properties: slug: type: string minLength: 1 maxLength: 64 description: The slug of the role. name: type: string description: The name of the role. description: type: string nullable: true description: The description for the role. permissions: type: array items: anyOf: - type: object properties: subject: type: string enum: - secrets description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - describeSecret - readValue - create - edit - delete - type: array items: type: string enum: - read - describeSecret - readValue - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretTags: type: object properties: $in: type: array items: type: string minLength: 1 $all: type: array items: type: string minLength: 1 additionalProperties: false eventType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-folders description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-imports description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - dynamic-secrets description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read-root-credential - create-root-credential - edit-root-credential - delete-root-credential - lease - type: array items: type: string enum: - read-root-credential - create-root-credential - edit-root-credential - delete-root-credential - lease minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - identity description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - revoke-auth - create-token - get-token - delete-token - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - revoke-auth - create-token - get-token - delete-token minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: identityId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableSubject: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableAction: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-hosts description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-host-cert - type: array items: type: string enum: - read - create - edit - delete - issue-host-cert minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: hostname: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-subscribers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - list-certs - type: array items: type: string enum: - read - create - edit - delete - issue-cert - list-certs minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - list-certs - type: array items: type: string enum: - read - create - edit - delete - issue-cert - list-certs minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-rotation description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - read-generated-credentials - create - edit - delete - rotate-secrets - type: array items: type: string enum: - read - read-generated-credentials - create - edit - delete - rotate-secrets minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-syncs description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - sync-secrets - import-secrets - remove-secrets - type: array items: type: string enum: - read - create - edit - delete - sync-secrets - import-secrets - remove-secrets minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-syncs description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - sync-certificates - import-certificates - remove-certificates - type: array items: type: string enum: - read - create - edit - delete - sync-certificates - import-certificates - remove-certificates minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false subscriberName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-event-subscriptions description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - subscribe-to-creation-events - subscribe-to-update-events - subscribe-to-deletion-events - subscribe-to-import-mutation-events - type: array items: type: string enum: - subscribe-to-creation-events - subscribe-to-update-events - subscribe-to-deletion-events - subscribe-to-import-mutation-events minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-profiles description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - reveal-acme-eab-secret - rotate-acme-eab-secret - manage-application-attachments - type: array items: type: string enum: - read - create - edit - delete - issue-cert - reveal-acme-eab-secret - rotate-acme-eab-secret - manage-application-attachments minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: slug: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-policies description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-authorities description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - issue-ca-certificate - sign-intermediate - type: array items: type: string enum: - read - create - edit - delete - issue-ca-certificate - sign-intermediate minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificates description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - read-private-key - import - type: array items: type: string enum: - read - create - edit - delete - read-private-key - import minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: commonName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false altNames: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false serialNumber: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false friendlyName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false status: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-approval description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-rollback description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - type: array items: type: string enum: - read - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - member description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: userEmail: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableSubject: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableAction: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - groups description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: groupName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - role description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - integrations description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - webhooks description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - service-tokens description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - settings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - environments description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - tags description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - audit-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - insights description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ip-allowlist description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificate-authorities description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificate-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-host-groups description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-alerts description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-collections description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-inventory-views description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-discovery description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - run-scan - type: array items: type: string enum: - read - create - edit - delete - run-scan minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-certificate-installations description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - edit - delete - type: array items: type: string enum: - read - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - code-signers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - sign - type: array items: type: string enum: - read - create - edit - delete - sign minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - workspace description: The entity this permission pertains to. action: anyOf: - type: string enum: - edit - delete - type: array items: type: string enum: - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kms description: The entity this permission pertains to. action: anyOf: - type: string enum: - edit - type: array items: type: string enum: - edit minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - cmek description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - encrypt - decrypt - sign - verify - export-private-key - type: array items: type: string enum: - read - create - edit - delete - encrypt - decrypt - sign - verify - export-private-key minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kmip description: The entity this permission pertains to. action: anyOf: - type: string enum: - create-clients - update-clients - delete-clients - read-clients - generate-client-certificates - type: array items: type: string enum: - create-clients - update-clients - delete-clients - read-clients - generate-client-certificates minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - commits description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - perform-rollback - type: array items: type: string enum: - read - perform-rollback minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-data-sources description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-data-sources - create-data-sources - edit-data-sources - delete-data-sources - trigger-data-source-scans - read-data-source-scans - read-data-source-resources - type: array items: type: string enum: - read-data-sources - create-data-sources - edit-data-sources - delete-data-sources - trigger-data-source-scans - read-data-source-scans - read-data-source-resources minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-findings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-findings - update-findings - type: array items: type: string enum: - read-findings - update-findings minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-configs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-configs - update-configs - type: array items: type: string enum: - read-configs - update-configs minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - app-connections description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read-app-connections - create-app-connections - edit-app-connections - delete-app-connections - connect-app-connections - rotate-credentials - type: array items: type: string enum: - read-app-connections - create-app-connections - edit-app-connections - delete-app-connections - connect-app-connections - rotate-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-folders description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-resources description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false resourceType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-domains description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given domain. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-accounts description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - access - read - create - edit - delete - trigger-rotation - read-credentials - type: array items: type: string enum: - access - read - create - edit - delete - trigger-rotation - read-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: resourceName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false accountName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false resourceType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-sessions description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - terminate - type: array items: type: string enum: - read - terminate minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-account-policies description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-discovery description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - run-scan - type: array items: type: string enum: - read - create - edit - delete - run-scan minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-insights description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-endpoints description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - connect - type: array items: type: string enum: - read - create - edit - delete - connect minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-servers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-activity-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - honey-tokens description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - read-credentials - create - edit - reset - revoke - type: array items: type: string enum: - read - read-credentials - create - edit - reset - revoke minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - approval-requests description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - type: array items: type: string enum: - read - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - approval-request-grants description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - revoke - type: array items: type: string enum: - read - revoke minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-approval-request description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false description: The permissions assigned to the role. additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to update the role for. - schema: type: string in: path name: roleId required: true description: The ID of the role to update security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: role: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string required: - id - name - slug - permissions - createdAt - updatedAt - projectId additionalProperties: false required: - role additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - Project Roles description: Delete a project role parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to delete the role for. - schema: type: string in: path name: roleId required: true description: The ID of the role to update security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: role: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string required: - id - name - slug - permissions - createdAt - updatedAt - projectId additionalProperties: false required: - role additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/roles/slug/{roleSlug}: get: tags: - Project Roles parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project. - schema: type: string in: path name: roleSlug required: true description: The slug of the role to get details. responses: '200': description: Default Response content: application/json: schema: type: object properties: role: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string required: - id - name - slug - permissions - createdAt - updatedAt - projectId additionalProperties: false required: - role additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/secret-snapshots: get: tags: - Projects description: Return project secret snapshots ids parameters: - schema: type: string in: query name: environment required: true description: The environment to get snapshots from. - schema: type: string default: / in: query name: path required: false description: The secret path to get snapshots from. - schema: type: number default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th snapshot. - schema: type: number default: 20 in: query name: limit required: false description: The number of snapshots to return. - schema: type: string in: path name: projectId required: true description: The ID of the project to get snapshots from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSnapshots: type: array items: type: object properties: id: type: string format: uuid envId: type: string format: uuid folderId: type: string format: uuid parentFolderId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - envId - folderId - createdAt - updatedAt additionalProperties: false required: - secretSnapshots additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/dynamic-secrets: post: tags: - Dynamic Secrets requestBody: required: true content: application/json: schema: type: object properties: projectSlug: type: string minLength: 1 description: The slug of the project to create dynamic secret in. provider: anyOf: - type: object properties: type: type: string enum: - sql-database inputs: type: object properties: client: type: string enum: - postgres - mysql2 - oracledb - mssql - sap-ase - vertica host: type: string port: type: number database: type: string username: type: string password: type: string passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 required: type: object properties: lowercase: type: number minimum: 0 uppercase: type: number minimum: 0 digits: type: number minimum: 0 symbols: type: number minimum: 0 required: - lowercase - uppercase - digits - symbols additionalProperties: false allowedSymbols: type: string required: - length - required additionalProperties: false description: Password generation requirements creationStatement: type: string revocationStatement: type: string renewStatement: type: string ca: type: string sslEnabled: type: boolean sslRejectUnauthorized: type: boolean default: true gatewayId: type: string nullable: true gatewayPoolId: type: string nullable: true required: - client - host - port - database - username - password - creationStatement - revocationStatement additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - clickhouse inputs: type: object properties: host: type: string port: type: number database: type: string username: type: string password: type: string passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 required: type: object properties: lowercase: type: number minimum: 0 uppercase: type: number minimum: 0 digits: type: number minimum: 0 symbols: type: number minimum: 0 required: - lowercase - uppercase - digits - symbols additionalProperties: false allowedSymbols: type: string required: - length - required additionalProperties: false description: Password generation requirements creationStatement: type: string revocationStatement: type: string renewStatement: type: string ca: type: string gatewayId: type: string nullable: true gatewayPoolId: type: string nullable: true required: - host - port - database - username - password - creationStatement - revocationStatement additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - cassandra inputs: type: object properties: host: type: string port: type: number localDataCenter: type: string minLength: 1 keyspace: type: string username: type: string password: type: string creationStatement: type: string revocationStatement: type: string renewStatement: type: string ca: type: string sslRejectUnauthorized: type: boolean default: true required: - host - port - localDataCenter - username - password - creationStatement - revocationStatement additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - sap-ase inputs: type: object properties: host: type: string port: type: number database: type: string username: type: string password: type: string creationStatement: type: string revocationStatement: type: string required: - host - port - database - username - password - creationStatement - revocationStatement additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - aws-iam inputs: anyOf: - type: object properties: method: type: string enum: - access-key credentialType: type: string enum: - iam-user - temporary-credentials default: iam-user accessKey: type: string minLength: 1 secretAccessKey: type: string minLength: 1 region: type: string minLength: 1 awsPath: type: string permissionBoundaryPolicyArn: type: string policyDocument: type: string userGroups: type: string policyArns: type: string tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' required: - key additionalProperties: false required: - method - accessKey - secretAccessKey - region additionalProperties: false - type: object properties: method: type: string enum: - assume-role credentialType: type: string enum: - iam-user - temporary-credentials default: iam-user roleArn: type: string minLength: 1 region: type: string minLength: 1 awsPath: type: string permissionBoundaryPolicyArn: type: string policyDocument: type: string userGroups: type: string policyArns: type: string tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' required: - key additionalProperties: false required: - method - roleArn - region additionalProperties: false - type: object properties: method: type: string enum: - irsa credentialType: type: string enum: - iam-user - temporary-credentials default: iam-user region: type: string minLength: 1 awsPath: type: string permissionBoundaryPolicyArn: type: string policyDocument: type: string userGroups: type: string policyArns: type: string tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' required: - key additionalProperties: false required: - method - region additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - redis inputs: type: object properties: host: type: string port: type: number username: type: string password: type: string creationStatement: type: string revocationStatement: type: string renewStatement: type: string ca: type: string sslRejectUnauthorized: type: boolean default: true required: - host - port - username - creationStatement - revocationStatement additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - sap-hana inputs: type: object properties: host: type: string port: type: number username: type: string password: type: string creationStatement: type: string revocationStatement: type: string renewStatement: type: string ca: type: string sslRejectUnauthorized: type: boolean default: true required: - host - port - username - password - creationStatement - revocationStatement additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - aws-elasticache inputs: type: object properties: clusterName: type: string minLength: 1 accessKeyId: type: string minLength: 1 secretAccessKey: type: string minLength: 1 region: type: string creationStatement: type: string revocationStatement: type: string required: - clusterName - accessKeyId - secretAccessKey - region - creationStatement - revocationStatement additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - aws-memorydb inputs: type: object properties: clusterName: type: string minLength: 1 auth: anyOf: - type: object properties: type: type: string enum: - iam accessKeyId: type: string minLength: 1 secretAccessKey: type: string minLength: 1 required: - type - accessKeyId - secretAccessKey additionalProperties: false region: type: string minLength: 1 creationStatement: type: string revocationStatement: type: string required: - clusterName - auth - region - creationStatement - revocationStatement additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - mongo-db-atlas inputs: type: object properties: adminPublicKey: type: string minLength: 1 description: Admin user public api key adminPrivateKey: type: string minLength: 1 description: Admin user private api key groupId: type: string minLength: 1 description: Unique 24-hexadecimal digit string that identifies your project. This is same as project id roles: type: array items: type: object properties: collectionName: type: string description: Collection on which this role applies. databaseName: type: string minLength: 1 description: Database to which the user is granted access privileges. roleName: type: string minLength: 1 description: ' Enum: "atlasAdmin" "backup" "clusterMonitor" "dbAdmin" "dbAdminAnyDatabase" "enableSharding" "read" "readAnyDatabase" "readWrite" "readWriteAnyDatabase" "".Human-readable label that identifies a group of privileges assigned to a database user. This value can either be a built-in role or a custom role.' required: - databaseName - roleName additionalProperties: false minItems: 1 scopes: type: array items: type: object properties: name: type: string minLength: 1 description: Human-readable label that identifies the cluster or MongoDB Atlas Data Lake that this database user can access. type: type: string minLength: 1 description: 'Category of resource that this database user can access. Enum: CLUSTER, DATA_LAKE, STREAM' required: - name - type additionalProperties: false required: - adminPublicKey - adminPrivateKey - groupId - roles - scopes additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - elastic-search inputs: type: object properties: host: type: string minLength: 1 port: type: number roles: type: array items: type: string minLength: 1 minItems: 1 auth: anyOf: - type: object properties: type: type: string enum: - user username: type: string password: type: string required: - type - username - password additionalProperties: false - type: object properties: type: type: string enum: - api-key apiKey: type: string apiKeyId: type: string required: - type - apiKey - apiKeyId additionalProperties: false ca: type: string sslRejectUnauthorized: type: boolean default: true required: - host - port - roles - auth additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - mongo-db inputs: type: object properties: host: type: string minLength: 1 port: type: number nullable: true username: type: string minLength: 1 password: type: string minLength: 1 database: type: string minLength: 1 ca: type: string nullable: true sslRejectUnauthorized: type: boolean default: true roles: type: array items: type: string minItems: 1 description: 'Enum: "atlasAdmin" "backup" "clusterMonitor" "dbAdmin" "dbAdminAnyDatabase" "enableSharding" "read" "readAnyDatabase" "readWrite" "readWriteAnyDatabase" "".Human-readable label that identifies a group of privileges assigned to a database user. This value can either be a built-in role or a custom role.' required: - host - username - password - database - roles additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - rabbit-mq inputs: type: object properties: host: type: string minLength: 1 port: type: number tags: type: array items: type: string default: [] username: type: string minLength: 1 password: type: string minLength: 1 ca: type: string sslRejectUnauthorized: type: boolean default: true virtualHost: type: object properties: name: type: string minLength: 1 permissions: type: object properties: read: type: string minLength: 1 write: type: string minLength: 1 configure: type: string minLength: 1 required: - read - write - configure additionalProperties: false required: - name - permissions additionalProperties: false required: - host - port - username - password - virtualHost additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - azure-entra-id inputs: type: object properties: tenantId: type: string minLength: 1 userId: type: string minLength: 1 email: type: string minLength: 1 applicationId: type: string minLength: 1 clientSecret: type: string minLength: 1 required: - tenantId - userId - email - applicationId - clientSecret additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - azure-sql-database inputs: type: object properties: host: type: string port: type: number database: type: string masterDatabase: type: string default: master username: type: string password: type: string passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 required: type: object properties: lowercase: type: number minimum: 0 uppercase: type: number minimum: 0 digits: type: number minimum: 0 symbols: type: number minimum: 0 required: - lowercase - uppercase - digits - symbols additionalProperties: false allowedSymbols: type: string required: - length - required additionalProperties: false description: Password generation requirements masterCreationStatement: type: string creationStatement: type: string revocationStatement: type: string renewStatement: type: string ca: type: string sslEnabled: type: boolean sslRejectUnauthorized: type: boolean default: true gatewayId: type: string nullable: true gatewayPoolId: type: string nullable: true required: - host - port - database - username - password - masterCreationStatement - creationStatement - revocationStatement additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - ldap inputs: anyOf: - type: object properties: url: type: string minLength: 1 binddn: type: string minLength: 1 bindpass: type: string minLength: 1 ca: type: string sslRejectUnauthorized: type: boolean default: true credentialType: type: string enum: - dynamic default: dynamic creationLdif: type: string minLength: 1 revocationLdif: type: string minLength: 1 rollbackLdif: type: string required: - url - binddn - bindpass - creationLdif - revocationLdif additionalProperties: false - type: object properties: url: type: string minLength: 1 binddn: type: string minLength: 1 bindpass: type: string minLength: 1 ca: type: string sslRejectUnauthorized: type: boolean default: true credentialType: type: string enum: - static rotationLdif: type: string minLength: 1 required: - url - binddn - bindpass - credentialType - rotationLdif additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - snowflake inputs: type: object properties: accountId: type: string minLength: 1 orgId: type: string minLength: 1 username: type: string minLength: 1 password: type: string minLength: 1 creationStatement: type: string minLength: 1 revocationStatement: type: string minLength: 1 renewStatement: type: string required: - accountId - orgId - username - password - creationStatement - revocationStatement additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - totp inputs: anyOf: - type: object properties: configType: type: string enum: - url url: type: string format: uri minLength: 1 required: - configType - url additionalProperties: false - type: object properties: configType: type: string enum: - manual secret: type: string minLength: 1 period: type: number algorithm: type: string enum: - sha1 - sha256 - sha512 digits: type: number required: - configType - secret additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - kubernetes inputs: anyOf: - type: object properties: url: type: string clusterToken: type: string ca: type: string sslEnabled: type: boolean default: false sslRejectUnauthorized: type: boolean default: true credentialType: type: string enum: - static serviceAccountName: type: string minLength: 1 namespace: type: string minLength: 1 gatewayId: type: string nullable: true gatewayPoolId: type: string nullable: true audiences: type: array items: type: string minLength: 1 authMethod: type: string enum: - gateway - api default: api required: - credentialType - serviceAccountName - namespace - audiences additionalProperties: false - type: object properties: url: type: string format: uri clusterToken: type: string ca: type: string sslEnabled: type: boolean default: false sslRejectUnauthorized: type: boolean default: true credentialType: type: string enum: - dynamic namespace: type: string minLength: 1 gatewayId: type: string nullable: true gatewayPoolId: type: string nullable: true audiences: type: array items: type: string minLength: 1 roleType: type: string enum: - cluster-role - role role: type: string minLength: 1 authMethod: type: string enum: - gateway - api default: api required: - credentialType - namespace - audiences - roleType - role additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - vertica inputs: type: object properties: host: type: string port: type: number username: type: string password: type: string database: type: string gatewayId: type: string nullable: true gatewayPoolId: type: string nullable: true creationStatement: type: string revocationStatement: type: string passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 required: type: object properties: lowercase: type: number minimum: 0 uppercase: type: number minimum: 0 digits: type: number minimum: 0 symbols: type: number minimum: 0 required: - lowercase - uppercase - digits - symbols additionalProperties: false allowedSymbols: type: string required: - length - required additionalProperties: false description: Password generation requirements required: - host - port - username - password - database - creationStatement - revocationStatement additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - gcp-iam inputs: type: object properties: serviceAccountEmail: type: string format: email minLength: 1 maxLength: 128 required: - serviceAccountEmail additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - github inputs: type: object properties: appId: type: number minimum: 1 description: The ID of your GitHub App. installationId: type: number minimum: 1 description: The ID of the GitHub App installation. privateKey: type: string minLength: 1 description: The private key generated for your GitHub App. required: - appId - installationId - privateKey additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - couchbase inputs: type: object properties: url: type: string format: uri minLength: 1 description: Couchbase Cloud API URL orgId: type: string minLength: 1 description: Organization ID projectId: type: string minLength: 1 description: Project ID clusterId: type: string minLength: 1 description: Cluster ID roles: type: array items: type: string minLength: 1 minItems: 1 description: Roles to assign to the user buckets: anyOf: - type: string minLength: 1 default: '*' - type: array items: type: object properties: name: type: string minLength: 1 description: Bucket name scopes: type: array items: type: object properties: name: type: string minLength: 1 description: Scope name collections: type: array items: type: string minLength: 1 description: Collection names required: - name additionalProperties: false description: Scopes within the bucket required: - name additionalProperties: false default: '*' description: 'Bucket configuration: ''*'' for all buckets, scopes, and collections or array of bucket objects with specific scopes and collections' passwordRequirements: type: object properties: length: type: number minimum: 8 maximum: 128 required: type: object properties: lowercase: type: number minimum: 1 uppercase: type: number minimum: 1 digits: type: number minimum: 1 symbols: type: number minimum: 1 required: - lowercase - uppercase - digits - symbols additionalProperties: false allowedSymbols: type: string required: - length - required additionalProperties: false description: Password generation requirements for Couchbase auth: type: object properties: apiKey: type: string minLength: 1 description: Couchbase Cloud API Key required: - apiKey additionalProperties: false required: - url - orgId - projectId - clusterId - roles - auth additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - milvus inputs: type: object properties: host: type: string minLength: 1 description: Milvus endpoint host; uses https when the host includes https:// or a CA is provided, http when the host includes http://, otherwise http (e.g. localhost). port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 description: Admin username used to manage Milvus users and roles password: type: string minLength: 1 description: Admin password used to manage Milvus users and roles database: type: string minLength: 1 default: default description: Default Milvus database used for privilege grants privileges: type: array items: type: object properties: objectType: type: string minLength: 1 description: Milvus object type (e.g. "Collection", "Database", "Global", "User", "Cluster") objectName: type: string minLength: 1 default: '*' description: Name of the target object, or "*" to apply to all privilege: type: string minLength: 1 description: Milvus privilege name or built-in privilege group (e.g. "Search", "COLL_RO", "DB_Admin") dbName: type: string minLength: 1 description: Optional database override for this privilege required: - objectType - privilege additionalProperties: false default: [] description: Privileges granted to an ephemeral role bound to the lease user. Leave empty to create the user with only the built-in public role. ca: type: string sslRejectUnauthorized: type: boolean default: true gatewayId: type: string nullable: true gatewayPoolId: type: string nullable: true required: - host - port - username - password additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - ssh inputs: type: object properties: principals: type: array items: type: string minLength: 1 minItems: 1 keyAlgorithm: type: string enum: - RSA_2048 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - ED25519 default: ED25519 required: - principals additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - ibm-api-connect inputs: type: object properties: clientId: type: string minLength: 1 clientSecret: type: string minLength: 1 instanceUrl: type: string format: uri minLength: 1 apiKey: type: string minLength: 1 orgId: type: string minLength: 1 catalogId: type: string minLength: 1 consumerOrgId: type: string minLength: 1 appId: type: string minLength: 1 gatewayId: type: string nullable: true gatewayPoolId: type: string nullable: true required: - clientId - clientSecret - instanceUrl - apiKey - orgId - catalogId - consumerOrgId - appId additionalProperties: false required: - type - inputs additionalProperties: false description: The type of dynamic secret. defaultTTL: type: string description: The default TTL that will be applied for all the leases. maxTTL: type: string description: The maximum limit a TTL can be leases or renewed. nullable: true path: type: string description: The path to create the dynamic secret in. default: / environmentSlug: type: string minLength: 1 description: The slug of the environment to create the dynamic secret in. name: type: string minLength: 1 maxLength: 64 description: The name of the dynamic secret. metadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' required: - key additionalProperties: false usernameTemplate: type: string maxLength: 255 required: - projectSlug - provider - defaultTTL - environmentSlug - name additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: dynamicSecret: type: object properties: id: type: string format: uuid name: type: string version: type: number type: type: string defaultTTL: type: string maxTTL: type: string nullable: true folderId: type: string format: uuid status: type: string nullable: true statusDetails: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time projectGatewayId: type: string format: uuid nullable: true gatewayId: type: string format: uuid nullable: true usernameTemplate: type: string nullable: true gatewayV2Id: type: string format: uuid nullable: true gatewayPoolId: type: string format: uuid nullable: true metadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' required: - key additionalProperties: false inputs: {} required: - id - name - version - type - defaultTTL - folderId - createdAt - updatedAt additionalProperties: false required: - dynamicSecret additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: tags: - Dynamic Secrets parameters: - schema: type: string minLength: 1 in: query name: projectSlug required: true description: The slug of the project to create dynamic secret in. - schema: type: string default: / in: query name: path required: false description: The path to list folders from. - schema: type: string minLength: 1 in: query name: environmentSlug required: true description: The slug of the environment to list folders from. responses: '200': description: Default Response content: application/json: schema: type: object properties: dynamicSecrets: type: array items: type: object properties: id: type: string format: uuid name: type: string version: type: number type: type: string defaultTTL: type: string maxTTL: type: string nullable: true folderId: type: string format: uuid status: type: string nullable: true statusDetails: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time projectGatewayId: type: string format: uuid nullable: true gatewayId: type: string format: uuid nullable: true usernameTemplate: type: string nullable: true gatewayV2Id: type: string format: uuid nullable: true gatewayPoolId: type: string format: uuid nullable: true metadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' required: - key additionalProperties: false required: - id - name - version - type - defaultTTL - folderId - createdAt - updatedAt additionalProperties: false required: - dynamicSecrets additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/dynamic-secrets/{name}: patch: tags: - Dynamic Secrets requestBody: required: true content: application/json: schema: type: object properties: projectSlug: type: string minLength: 1 description: The slug of the project to update dynamic secret in. path: type: string default: / description: The path to update the dynamic secret in. environmentSlug: type: string minLength: 1 description: The slug of the environment to update the dynamic secret in. data: type: object properties: inputs: description: The new partial values for the configured provider of the dynamic secret defaultTTL: type: string description: The default TTL that will be applied for all the leases. maxTTL: type: string description: The maximum limit a TTL can be leases or renewed. nullable: true newName: type: string description: The new name for the dynamic secret. metadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' required: - key additionalProperties: false usernameTemplate: type: string maxLength: 255 nullable: true additionalProperties: false required: - projectSlug - environmentSlug - data additionalProperties: false parameters: - schema: type: string in: path name: name required: true description: The name of the dynamic secret. responses: '200': description: Default Response content: application/json: schema: type: object properties: dynamicSecret: type: object properties: id: type: string format: uuid name: type: string version: type: number type: type: string defaultTTL: type: string maxTTL: type: string nullable: true folderId: type: string format: uuid status: type: string nullable: true statusDetails: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time projectGatewayId: type: string format: uuid nullable: true gatewayId: type: string format: uuid nullable: true usernameTemplate: type: string nullable: true gatewayV2Id: type: string format: uuid nullable: true gatewayPoolId: type: string format: uuid nullable: true metadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' required: - key additionalProperties: false inputs: {} required: - id - name - version - type - defaultTTL - folderId - createdAt - updatedAt additionalProperties: false required: - dynamicSecret additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - Dynamic Secrets requestBody: required: true content: application/json: schema: type: object properties: projectSlug: type: string minLength: 1 description: The slug of the project to delete dynamic secret in. path: type: string default: / description: The path to delete the dynamic secret in. environmentSlug: type: string minLength: 1 description: The slug of the environment to delete the dynamic secret in. isForced: type: boolean default: false description: A boolean flag to delete the the dynamic secret from Infisical without trying to remove it from external provider. Used when the dynamic secret got modified externally. required: - projectSlug - environmentSlug additionalProperties: false parameters: - schema: type: string in: path name: name required: true description: The name of the dynamic secret. responses: '200': description: Default Response content: application/json: schema: type: object properties: dynamicSecret: type: object properties: id: type: string format: uuid name: type: string version: type: number type: type: string defaultTTL: type: string maxTTL: type: string nullable: true folderId: type: string format: uuid status: type: string nullable: true statusDetails: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time projectGatewayId: type: string format: uuid nullable: true gatewayId: type: string format: uuid nullable: true usernameTemplate: type: string nullable: true gatewayV2Id: type: string format: uuid nullable: true gatewayPoolId: type: string format: uuid nullable: true metadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' required: - key additionalProperties: false required: - id - name - version - type - defaultTTL - folderId - createdAt - updatedAt additionalProperties: false required: - dynamicSecret additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: tags: - Dynamic Secrets parameters: - schema: type: string minLength: 1 in: query name: projectSlug required: true description: The slug of the project to create dynamic secret in. - schema: type: string default: / in: query name: path required: false description: The path to list folders from. - schema: type: string minLength: 1 in: query name: environmentSlug required: true description: The slug of the environment to list folders from. - schema: type: string minLength: 1 in: path name: name required: true description: The name of the dynamic secret. responses: '200': description: Default Response content: application/json: schema: type: object properties: dynamicSecret: type: object properties: id: type: string format: uuid name: type: string version: type: number type: type: string defaultTTL: type: string maxTTL: type: string nullable: true folderId: type: string format: uuid status: type: string nullable: true statusDetails: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time projectGatewayId: type: string format: uuid nullable: true gatewayId: type: string format: uuid nullable: true usernameTemplate: type: string nullable: true gatewayV2Id: type: string format: uuid nullable: true gatewayPoolId: type: string format: uuid nullable: true metadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' required: - key additionalProperties: false inputs: {} required: - id - name - version - type - defaultTTL - folderId - createdAt - updatedAt additionalProperties: false required: - dynamicSecret additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/dynamic-secrets/{name}/leases: get: tags: - Dynamic Secrets parameters: - schema: type: string minLength: 1 in: query name: projectSlug required: true description: The slug of the project to create dynamic secret in. - schema: type: string default: / in: query name: path required: false description: The path to list folders from. - schema: type: string minLength: 1 in: query name: environmentSlug required: true description: The slug of the environment to list folders from. - schema: type: string minLength: 1 in: path name: name required: true description: The name of the dynamic secret. responses: '200': description: Default Response content: application/json: schema: type: object properties: leases: type: array items: type: object properties: id: type: string format: uuid version: type: number externalEntityId: type: string expireAt: type: string format: date-time status: type: string nullable: true statusDetails: type: string nullable: true dynamicSecretId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time config: nullable: true required: - id - version - externalEntityId - expireAt - dynamicSecretId - createdAt - updatedAt additionalProperties: false required: - leases additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/dynamic-secrets/leases: post: tags: - Dynamic Secrets requestBody: required: true content: application/json: schema: type: object properties: dynamicSecretName: type: string minLength: 1 description: The name of the dynamic secret. projectSlug: type: string minLength: 1 description: The slug of the project of the dynamic secret in. ttl: type: string description: The lease lifetime TTL. If not provided the default TTL of dynamic secret will be used. path: type: string default: / description: The path of the dynamic secret in. environmentSlug: type: string minLength: 1 description: The slug of the environment of the dynamic secret in. config: {} required: - dynamicSecretName - projectSlug - environmentSlug additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: lease: type: object properties: id: type: string format: uuid version: type: number externalEntityId: type: string expireAt: type: string format: date-time status: type: string nullable: true statusDetails: type: string nullable: true dynamicSecretId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time config: nullable: true required: - id - version - externalEntityId - expireAt - dynamicSecretId - createdAt - updatedAt additionalProperties: false dynamicSecret: type: object properties: id: type: string format: uuid name: type: string version: type: number type: type: string defaultTTL: type: string maxTTL: type: string nullable: true folderId: type: string format: uuid status: type: string nullable: true statusDetails: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time projectGatewayId: type: string format: uuid nullable: true gatewayId: type: string format: uuid nullable: true usernameTemplate: type: string nullable: true gatewayV2Id: type: string format: uuid nullable: true gatewayPoolId: type: string format: uuid nullable: true metadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' required: - key additionalProperties: false required: - id - name - version - type - defaultTTL - folderId - createdAt - updatedAt additionalProperties: false data: {} required: - lease - dynamicSecret additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/dynamic-secrets/leases/{leaseId}: delete: tags: - Dynamic Secrets requestBody: required: true content: application/json: schema: type: object properties: projectSlug: type: string minLength: 1 description: The slug of the project of the dynamic secret in. path: type: string minLength: 1 default: / description: The path of the dynamic secret in. environmentSlug: type: string minLength: 1 description: The slug of the environment of the dynamic secret in. isForced: type: boolean default: false description: A boolean flag to delete the the dynamic secret from Infisical without trying to remove it from external provider. Used when the dynamic secret got modified externally. required: - projectSlug - environmentSlug additionalProperties: false parameters: - schema: type: string minLength: 1 in: path name: leaseId required: true description: The ID of the dynamic secret lease. responses: '200': description: Default Response content: application/json: schema: type: object properties: lease: type: object properties: id: type: string format: uuid version: type: number externalEntityId: type: string expireAt: type: string format: date-time status: type: string nullable: true statusDetails: type: string nullable: true dynamicSecretId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time config: nullable: true required: - id - version - externalEntityId - expireAt - dynamicSecretId - createdAt - updatedAt additionalProperties: false required: - lease additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: tags: - Dynamic Secrets parameters: - schema: type: string minLength: 1 in: query name: projectSlug required: true description: The slug of the project to create dynamic secret in. - schema: type: string default: / in: query name: path required: false description: The path to list folders from. - schema: type: string minLength: 1 in: query name: environmentSlug required: true description: The slug of the environment to list folders from. - schema: type: string minLength: 1 in: path name: leaseId required: true description: The ID of the dynamic secret lease. responses: '200': description: Default Response content: application/json: schema: type: object properties: lease: type: object properties: id: type: string format: uuid version: type: number externalEntityId: type: string expireAt: type: string format: date-time status: type: string nullable: true statusDetails: type: string nullable: true dynamicSecretId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time config: nullable: true dynamicSecret: type: object properties: id: type: string format: uuid name: type: string version: type: number type: type: string defaultTTL: type: string maxTTL: type: string nullable: true folderId: type: string format: uuid status: type: string nullable: true statusDetails: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time projectGatewayId: type: string format: uuid nullable: true gatewayId: type: string format: uuid nullable: true usernameTemplate: type: string nullable: true gatewayV2Id: type: string format: uuid nullable: true gatewayPoolId: type: string format: uuid nullable: true metadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' required: - key additionalProperties: false required: - id - name - version - type - defaultTTL - folderId - createdAt - updatedAt additionalProperties: false required: - id - version - externalEntityId - expireAt - dynamicSecretId - createdAt - updatedAt - dynamicSecret additionalProperties: false required: - lease additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/dynamic-secrets/leases/{leaseId}/renew: post: tags: - Dynamic Secrets requestBody: required: true content: application/json: schema: type: object properties: ttl: type: string description: The renew TTL that gets added with current expiry (ensure it's below max TTL) for a total less than creation time + max TTL. projectSlug: type: string minLength: 1 description: The slug of the project of the dynamic secret in. path: type: string minLength: 1 default: / description: The path of the dynamic secret in. environmentSlug: type: string minLength: 1 description: The slug of the environment of the dynamic secret in. required: - projectSlug - environmentSlug additionalProperties: false parameters: - schema: type: string minLength: 1 in: path name: leaseId required: true description: The ID of the dynamic secret lease. responses: '200': description: Default Response content: application/json: schema: type: object properties: lease: type: object properties: id: type: string format: uuid version: type: number externalEntityId: type: string expireAt: type: string format: date-time status: type: string nullable: true statusDetails: type: string nullable: true dynamicSecretId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time config: nullable: true required: - id - version - externalEntityId - expireAt - dynamicSecretId - createdAt - updatedAt additionalProperties: false required: - lease additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/dynamic-secrets/leases/kubernetes: post: tags: - Dynamic Secrets requestBody: required: true content: application/json: schema: type: object properties: dynamicSecretName: type: string minLength: 1 description: The name of the dynamic secret. projectSlug: type: string minLength: 1 description: The slug of the project of the dynamic secret in. ttl: type: string description: The lease lifetime TTL. If not provided the default TTL of dynamic secret will be used. path: type: string default: / description: The path of the dynamic secret in. environmentSlug: type: string minLength: 1 description: The slug of the environment of the dynamic secret in. config: type: object properties: namespace: type: string minLength: 1 description: The Kubernetes namespace to create the lease in. If not specified, the first namespace defined in the configuration will be used. additionalProperties: false required: - dynamicSecretName - projectSlug - environmentSlug additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: lease: type: object properties: id: type: string format: uuid version: type: number externalEntityId: type: string expireAt: type: string format: date-time status: type: string nullable: true statusDetails: type: string nullable: true dynamicSecretId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time config: nullable: true required: - id - version - externalEntityId - expireAt - dynamicSecretId - createdAt - updatedAt additionalProperties: false dynamicSecret: type: object properties: id: type: string format: uuid name: type: string version: type: number type: type: string defaultTTL: type: string maxTTL: type: string nullable: true folderId: type: string format: uuid status: type: string nullable: true statusDetails: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time projectGatewayId: type: string format: uuid nullable: true gatewayId: type: string format: uuid nullable: true usernameTemplate: type: string nullable: true gatewayV2Id: type: string format: uuid nullable: true gatewayPoolId: type: string format: uuid nullable: true metadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' required: - key additionalProperties: false required: - id - name - version - type - defaultTTL - folderId - createdAt - updatedAt additionalProperties: false data: {} required: - lease - dynamicSecret additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/relays: get: operationId: getRelays responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time orgId: type: string format: uuid nullable: true identityId: type: string format: uuid nullable: true name: type: string host: type: string heartbeat: type: string format: date-time nullable: true healthAlertedAt: type: string format: date-time nullable: true tokenVersion: type: number default: 0 required: - id - createdAt - updatedAt - name - host additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/acme/profiles/{profileId}/directory: get: tags: - PKI ACME description: ACME Directory - provides URLs for the client to make API calls to parameters: - schema: type: string format: uuid in: path name: profileId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: newNonce: type: string newAccount: type: string newOrder: type: string revokeCert: type: string meta: type: object properties: termsOfService: type: string website: type: string caaIdentities: type: array items: type: string externalAccountRequired: type: boolean additionalProperties: false required: - newNonce - newAccount - newOrder additionalProperties: false /api/v1/cert-manager/acme/profiles/{profileId}/new-nonce: get: tags: - PKI ACME description: ACME New Nonce (GET) - generate a new nonce and return in Replay-Nonce header with 204 No Content parameters: - schema: type: string format: uuid in: path name: profileId required: true responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 /api/v1/cert-manager/acme/profiles/{profileId}/new-account: post: tags: - PKI ACME description: ACME New Account - register a new account or find existing one requestBody: required: true content: application/json: schema: type: object properties: protected: type: string payload: type: string signature: type: string required: - protected - payload - signature additionalProperties: false parameters: - schema: type: string format: uuid in: path name: profileId required: true responses: '201': description: Default Response content: application/json: schema: type: object properties: status: type: string contact: type: array items: type: string orders: type: string required: - status additionalProperties: false /api/v1/cert-manager/acme/profiles/{profileId}/accounts/{accountId}: post: tags: - PKI ACME description: ACME Account Deactivation requestBody: required: true content: application/json: schema: type: object properties: protected: type: string payload: type: string signature: type: string required: - protected - payload - signature additionalProperties: false parameters: - schema: type: string format: uuid in: path name: profileId required: true - schema: type: string in: path name: accountId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: status: type: string required: - status additionalProperties: false /api/v1/cert-manager/acme/profiles/{profileId}/new-order: post: tags: - PKI ACME description: ACME New Order - apply for a new certificate requestBody: required: true content: application/json: schema: type: object properties: protected: type: string payload: type: string signature: type: string required: - protected - payload - signature additionalProperties: false parameters: - schema: type: string format: uuid in: path name: profileId required: true responses: '201': description: Default Response content: application/json: schema: type: object properties: status: type: string enum: - pending - ready - processing - valid - invalid expires: type: string notBefore: type: string notAfter: type: string identifiers: type: array items: type: object properties: type: type: string value: type: string required: - type - value additionalProperties: false authorizations: type: array items: type: string finalize: type: string certificate: type: string required: - status - identifiers - authorizations - finalize additionalProperties: false /api/v1/cert-manager/acme/profiles/{profileId}/orders/{orderId}: post: tags: - PKI ACME description: ACME Get Order - return status and details of the order requestBody: required: true content: application/json: schema: type: object properties: protected: type: string payload: type: string signature: type: string required: - protected - payload - signature additionalProperties: false parameters: - schema: type: string format: uuid in: path name: profileId required: true - schema: type: string format: uuid in: path name: orderId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: status: type: string enum: - pending - ready - processing - valid - invalid expires: type: string notBefore: type: string notAfter: type: string identifiers: type: array items: type: object properties: type: type: string value: type: string required: - type - value additionalProperties: false authorizations: type: array items: type: string finalize: type: string certificate: type: string required: - status - identifiers - authorizations - finalize additionalProperties: false /api/v1/cert-manager/acme/profiles/{profileId}/orders/{orderId}/finalize: post: tags: - PKI ACME description: ACME Finalize Order - finalize cert order by providing CSR requestBody: required: true content: application/json: schema: type: object properties: protected: type: string payload: type: string signature: type: string required: - protected - payload - signature additionalProperties: false parameters: - schema: type: string format: uuid in: path name: profileId required: true - schema: type: string format: uuid in: path name: orderId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: status: type: string enum: - pending - ready - processing - valid - invalid expires: type: string notBefore: type: string notAfter: type: string identifiers: type: array items: type: object properties: type: type: string value: type: string required: - type - value additionalProperties: false authorizations: type: array items: type: string finalize: type: string certificate: type: string required: - status - identifiers - authorizations - finalize additionalProperties: false /api/v1/cert-manager/acme/profiles/{profileId}/accounts/{accountId}/orders: post: tags: - PKI ACME description: ACME List Orders - get existing orders from current account requestBody: required: true content: application/json: schema: type: object properties: protected: type: string payload: type: string signature: type: string required: - protected - payload - signature additionalProperties: false parameters: - schema: type: string format: uuid in: path name: profileId required: true - schema: type: string in: path name: accountId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: orders: type: array items: type: string required: - orders additionalProperties: false /api/v1/cert-manager/acme/profiles/{profileId}/orders/{orderId}/certificate: post: tags: - PKI ACME description: ACME Download Certificate - download certificate when ready requestBody: required: true content: application/json: schema: type: object properties: protected: type: string payload: type: string signature: type: string required: - protected - payload - signature additionalProperties: false parameters: - schema: type: string format: uuid in: path name: profileId required: true - schema: type: string format: uuid in: path name: orderId required: true responses: '200': description: Default Response content: application/json: schema: type: string /api/v1/cert-manager/acme/profiles/{profileId}/authorizations/{authzId}: post: tags: - PKI ACME description: ACME Identifier Authorization - get authorization info (challenges) requestBody: required: true content: application/json: schema: type: object properties: protected: type: string payload: type: string signature: type: string required: - protected - payload - signature additionalProperties: false parameters: - schema: type: string format: uuid in: path name: profileId required: true - schema: type: string format: uuid in: path name: authzId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: status: type: string enum: - pending - valid - invalid - deactivated - expired - revoked expires: type: string identifier: type: object properties: type: type: string value: type: string required: - type - value additionalProperties: false wildcard: type: boolean challenges: type: array items: type: object properties: type: type: string enum: - http-01 - dns-01 - tls-alpn-01 url: type: string status: type: string token: type: string validated: type: string required: - type - url - status - token additionalProperties: false required: - status - identifier - challenges additionalProperties: false /api/v1/cert-manager/acme/profiles/{profileId}/authorizations/{authzId}/challenges/{challengeId}: post: tags: - PKI ACME description: ACME Respond to Challenge - let ACME server know challenge is ready parameters: - schema: type: string format: uuid in: path name: profileId required: true - schema: type: string format: uuid in: path name: authzId required: true - schema: type: string format: uuid in: path name: challengeId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: type: type: string enum: - http-01 - dns-01 - tls-alpn-01 url: type: string status: type: string token: type: string validated: type: string error: type: object properties: type: type: string detail: type: string status: type: number required: - type - detail - status additionalProperties: false required: - type - url - status - token additionalProperties: false /api/v1/cert-manager/acme/applications/{applicationId}/profiles/{profileId}/directory: get: tags: - PKI ACME description: ACME Directory - provides URLs for the client to make API calls to parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: profileId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: newNonce: type: string newAccount: type: string newOrder: type: string revokeCert: type: string meta: type: object properties: termsOfService: type: string website: type: string caaIdentities: type: array items: type: string externalAccountRequired: type: boolean additionalProperties: false required: - newNonce - newAccount - newOrder additionalProperties: false /api/v1/cert-manager/acme/applications/{applicationId}/profiles/{profileId}/new-account: post: tags: - PKI ACME description: ACME New Account - register a new account or find existing one requestBody: required: true content: application/json: schema: type: object properties: protected: type: string payload: type: string signature: type: string required: - protected - payload - signature additionalProperties: false parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: profileId required: true responses: '201': description: Default Response content: application/json: schema: type: object properties: status: type: string contact: type: array items: type: string orders: type: string required: - status additionalProperties: false /api/v1/cert-manager/discovery-jobs/config: get: operationId: getPkiDiscoveryConfig tags: - PKI Discovery description: Get PKI discovery configuration limits and defaults responses: '200': description: Default Response content: application/json: schema: type: object properties: defaultPorts: type: string maxPorts: type: number maxIps: type: number maxDomains: type: number minCidrPrefix: type: number required: - defaultPorts - maxPorts - maxIps - maxDomains - minCidrPrefix additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/discovery-jobs: post: operationId: createPkiDiscovery tags: - PKI Discovery description: Create a new PKI discovery configuration requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 100 description: Name of the discovery configuration description: type: string maxLength: 500 description: Description of the discovery configuration discoveryType: type: string enum: - network default: network description: Type of discovery scan targetConfig: type: object properties: ipRanges: type: array items: type: string maxLength: 64 domains: type: array items: type: string maxLength: 253 ports: type: string default: 443, 8443, 636, 993, 995 additionalProperties: false description: Target configuration for discovery scans isAutoScanEnabled: type: boolean default: false description: Enable automatic scheduled scans scanIntervalDays: type: number minimum: 1 maximum: 365 description: Interval in days between automatic scans gatewayId: type: string format: uuid description: Gateway ID for scanning private networks gatewayPoolId: type: string format: uuid description: Gateway pool ID for scanning private networks required: - name - targetConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true discoveryType: type: string default: network targetConfig: {} isAutoScanEnabled: type: boolean default: false scanIntervalDays: type: number nullable: true gatewayId: type: string format: uuid nullable: true isActive: type: boolean default: true lastScanStatus: type: string nullable: true lastScanJobId: type: string nullable: true lastScanMessage: type: string nullable: true lastScannedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time gatewayPoolId: type: string format: uuid nullable: true required: - id - name - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listPkiDiscoveries tags: - PKI Discovery description: List PKI discovery configurations for a project parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false description: Pagination offset - schema: type: number minimum: 1 maximum: 100 default: 25 in: query name: limit required: false description: Pagination limit - schema: type: string in: query name: search required: false description: Search filter for name or description responses: '200': description: Default Response content: application/json: schema: type: object properties: discoveries: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true discoveryType: type: string default: network targetConfig: {} isAutoScanEnabled: type: boolean default: false scanIntervalDays: type: number nullable: true gatewayId: type: string format: uuid nullable: true isActive: type: boolean default: true lastScanStatus: type: string nullable: true lastScanJobId: type: string nullable: true lastScanMessage: type: string nullable: true lastScannedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time gatewayPoolId: type: string format: uuid nullable: true certificatesFound: type: number installationsFound: type: number required: - id - name - createdAt - updatedAt - certificatesFound - installationsFound additionalProperties: false totalCount: type: number required: - discoveries - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/discovery-jobs/{discoveryId}: get: operationId: getPkiDiscovery tags: - PKI Discovery description: Get a PKI discovery configuration by ID parameters: - schema: type: string format: uuid in: path name: discoveryId required: true description: The ID of the discovery configuration responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true discoveryType: type: string default: network targetConfig: {} isAutoScanEnabled: type: boolean default: false scanIntervalDays: type: number nullable: true gatewayId: type: string format: uuid nullable: true isActive: type: boolean default: true lastScanStatus: type: string nullable: true lastScanJobId: type: string nullable: true lastScanMessage: type: string nullable: true lastScannedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time gatewayPoolId: type: string format: uuid nullable: true linkedInstallationsCount: type: number gatewayName: type: string nullable: true gatewayPoolName: type: string nullable: true required: - id - name - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updatePkiDiscovery tags: - PKI Discovery description: Update a PKI discovery configuration requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 100 description: Name of the discovery configuration description: type: string maxLength: 500 nullable: true description: Description of the discovery configuration targetConfig: type: object properties: ipRanges: type: array items: type: string maxLength: 64 domains: type: array items: type: string maxLength: 253 ports: type: string default: 443, 8443, 636, 993, 995 additionalProperties: false description: Target configuration for discovery scans isAutoScanEnabled: type: boolean description: Enable automatic scheduled scans scanIntervalDays: type: number minimum: 1 maximum: 365 nullable: true description: Interval in days between automatic scans gatewayId: type: string format: uuid nullable: true description: Gateway ID for scanning private networks gatewayPoolId: type: string format: uuid nullable: true description: Gateway pool ID for scanning private networks isActive: type: boolean description: Whether the discovery configuration is active additionalProperties: false parameters: - schema: type: string format: uuid in: path name: discoveryId required: true description: The ID of the discovery configuration responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true discoveryType: type: string default: network targetConfig: {} isAutoScanEnabled: type: boolean default: false scanIntervalDays: type: number nullable: true gatewayId: type: string format: uuid nullable: true isActive: type: boolean default: true lastScanStatus: type: string nullable: true lastScanJobId: type: string nullable: true lastScanMessage: type: string nullable: true lastScannedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time gatewayPoolId: type: string format: uuid nullable: true required: - id - name - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deletePkiDiscovery tags: - PKI Discovery description: Delete a PKI discovery configuration parameters: - schema: type: string format: uuid in: path name: discoveryId required: true description: The ID of the discovery configuration responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true discoveryType: type: string default: network targetConfig: {} isAutoScanEnabled: type: boolean default: false scanIntervalDays: type: number nullable: true gatewayId: type: string format: uuid nullable: true isActive: type: boolean default: true lastScanStatus: type: string nullable: true lastScanJobId: type: string nullable: true lastScanMessage: type: string nullable: true lastScannedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time gatewayPoolId: type: string format: uuid nullable: true required: - id - name - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/discovery-jobs/{discoveryId}/scan: post: operationId: triggerPkiDiscoveryScan tags: - PKI Discovery description: Trigger a manual PKI discovery scan parameters: - schema: type: string format: uuid in: path name: discoveryId required: true description: The ID of the discovery configuration responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/discovery-jobs/{discoveryId}/latest-scan: get: operationId: getPkiDiscoveryLatestScan tags: - PKI Discovery description: Get the latest scan for a PKI discovery configuration parameters: - schema: type: string format: uuid in: path name: discoveryId required: true description: The ID of the discovery configuration responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid discoveryConfigId: type: string format: uuid startedAt: type: string format: date-time completedAt: type: string format: date-time nullable: true status: type: string targetsScannedCount: type: number default: 0 certificatesFoundCount: type: number default: 0 installationsFoundCount: type: number default: 0 errorMessage: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - discoveryConfigId - startedAt - status - createdAt - updatedAt additionalProperties: false nullable: true '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/discovery-jobs/{discoveryId}/scans: get: operationId: listPkiDiscoveryScans tags: - PKI Discovery description: Get scan history for a PKI discovery configuration parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false description: Pagination offset - schema: type: number minimum: 1 maximum: 100 default: 25 in: query name: limit required: false description: Pagination limit - schema: type: string format: uuid in: path name: discoveryId required: true description: The ID of the discovery configuration responses: '200': description: Default Response content: application/json: schema: type: object properties: scans: type: array items: type: object properties: id: type: string format: uuid discoveryConfigId: type: string format: uuid startedAt: type: string format: date-time completedAt: type: string format: date-time nullable: true status: type: string targetsScannedCount: type: number default: 0 certificatesFoundCount: type: number default: 0 installationsFoundCount: type: number default: 0 errorMessage: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - discoveryConfigId - startedAt - status - createdAt - updatedAt additionalProperties: false totalCount: type: number required: - scans - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/installations: get: operationId: listPkiInstallations tags: - PKI Installations description: List PKI certificate installations for a project parameters: - schema: type: string format: uuid in: query name: discoveryId required: false description: Filter by discovery configuration ID - schema: type: string format: uuid in: query name: certificateId required: false description: Filter by certificate ID - schema: type: number minimum: 0 default: 0 in: query name: offset required: false description: Pagination offset - schema: type: number minimum: 1 maximum: 100 default: 25 in: query name: limit required: false description: Pagination limit - schema: type: string in: query name: search required: false description: Search filter for name, hostname, or IP address responses: '200': description: Default Response content: application/json: schema: type: object properties: installations: type: array items: type: object properties: id: type: string format: uuid locationType: type: string locationDetails: {} locationFingerprint: type: string name: type: string nullable: true type: type: string default: unknown metadata: nullable: true lastSeenAt: type: string format: date-time createdAt: type: string format: date-time updatedAt: type: string format: date-time certificatesCount: type: number primaryCertName: type: string nullable: true discoveryName: type: string nullable: true required: - id - locationType - locationFingerprint - lastSeenAt - createdAt - updatedAt additionalProperties: false totalCount: type: number required: - installations - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/installations/{installationId}: get: operationId: getPkiInstallation tags: - PKI Installations description: Get a PKI certificate installation by ID with linked certificates parameters: - schema: type: string format: uuid in: path name: installationId required: true description: The ID of the installation responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid locationType: type: string locationDetails: {} locationFingerprint: type: string name: type: string nullable: true type: type: string default: unknown metadata: nullable: true lastSeenAt: type: string format: date-time createdAt: type: string format: date-time updatedAt: type: string format: date-time discoveryName: type: string nullable: true certificates: type: array items: type: object properties: certificateId: type: string format: uuid firstSeenAt: type: string format: date-time lastSeenAt: type: string format: date-time commonName: type: string nullable: true serialNumber: type: string nullable: true notBefore: type: string format: date-time nullable: true notAfter: type: string format: date-time nullable: true status: type: string nullable: true friendlyName: type: string nullable: true fingerprintSha256: type: string nullable: true subjectOrganization: type: string nullable: true subjectOrganizationalUnit: type: string nullable: true subjectCountry: type: string nullable: true subjectState: type: string nullable: true subjectLocality: type: string nullable: true required: - certificateId - firstSeenAt - lastSeenAt additionalProperties: false required: - id - locationType - locationFingerprint - lastSeenAt - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updatePkiInstallation tags: - PKI Installations description: Update a PKI certificate installation requestBody: required: true content: application/json: schema: type: object properties: name: type: string maxLength: 255 description: Name of the installation additionalProperties: false parameters: - schema: type: string format: uuid in: path name: installationId required: true description: The ID of the installation responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid locationType: type: string locationDetails: {} locationFingerprint: type: string name: type: string nullable: true type: type: string default: unknown metadata: nullable: true lastSeenAt: type: string format: date-time createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - locationType - locationFingerprint - lastSeenAt - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deletePkiInstallation tags: - PKI Installations description: Delete a PKI certificate installation parameters: - schema: type: string format: uuid in: path name: installationId required: true description: The ID of the installation responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid locationType: type: string locationDetails: {} locationFingerprint: type: string name: type: string nullable: true type: type: string default: unknown metadata: nullable: true lastSeenAt: type: string format: date-time createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - locationType - locationFingerprint - lastSeenAt - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/ca: post: tags: - SSH Certificate Authorities description: Create SSH CA requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project to create the SSH CA in. friendlyName: type: string description: A friendly name for the SSH CA. keyAlgorithm: type: string enum: - RSA_2048 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - ED25519 default: ED25519 description: The type of public key algorithm and size, in bits, of the key pair for the SSH CA; required if keySource is internal. publicKey: type: string description: The public key for the SSH CA key pair; required if keySource is external. privateKey: type: string description: The private key for the SSH CA key pair; required if keySource is external. keySource: type: string enum: - internal - external default: internal description: The source of the SSH CA key pair. This can be one of internal or external. required: - projectId - friendlyName additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: ca: type: object properties: id: type: string format: uuid projectId: type: string friendlyName: type: string status: type: string keyAlgorithm: type: string keySource: type: string publicKey: type: string required: - id - projectId - friendlyName - status - keyAlgorithm - keySource - publicKey additionalProperties: false required: - ca additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/ca/{sshCaId}: get: tags: - SSH Certificate Authorities description: Get SSH CA parameters: - schema: type: string in: path name: sshCaId required: true description: The ID of the SSH CA to get. responses: '200': description: Default Response content: application/json: schema: type: object properties: ca: type: object properties: id: type: string format: uuid projectId: type: string friendlyName: type: string status: type: string keyAlgorithm: type: string keySource: type: string publicKey: type: string required: - id - projectId - friendlyName - status - keyAlgorithm - keySource - publicKey additionalProperties: false required: - ca additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - SSH Certificate Authorities description: Update SSH CA requestBody: required: true content: application/json: schema: type: object properties: friendlyName: type: string description: A friendly name for the SSH CA to update to. status: type: string enum: - active - disabled description: The status of the SSH CA to update to. This can be one of active or disabled. additionalProperties: false parameters: - schema: type: string in: path name: sshCaId required: true description: The ID of the SSH CA to update. responses: '200': description: Default Response content: application/json: schema: type: object properties: ca: type: object properties: id: type: string format: uuid projectId: type: string friendlyName: type: string status: type: string keyAlgorithm: type: string keySource: type: string publicKey: type: string required: - id - projectId - friendlyName - status - keyAlgorithm - keySource - publicKey additionalProperties: false required: - ca additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - SSH Certificate Authorities description: Delete SSH CA parameters: - schema: type: string in: path name: sshCaId required: true description: The ID of the SSH CA to delete. responses: '200': description: Default Response content: application/json: schema: type: object properties: ca: type: object properties: id: type: string format: uuid projectId: type: string friendlyName: type: string status: type: string keyAlgorithm: type: string keySource: type: string required: - id - projectId - friendlyName - status - keyAlgorithm - keySource additionalProperties: false required: - ca additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/ca/{sshCaId}/public-key: get: tags: - SSH Certificate Authorities description: Get public key of SSH CA parameters: - schema: type: string in: path name: sshCaId required: true description: The ID of the SSH CA to get the public key for. responses: '200': description: Default Response content: application/json: schema: type: string '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/ca/{sshCaId}/certificate-templates: get: tags: - SSH Certificate Authorities description: Get list of certificate templates for the SSH CA parameters: - schema: type: string in: path name: sshCaId required: true description: The ID of the SSH CA to get the certificate templates for. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateTemplates: type: array items: type: object properties: id: type: string format: uuid sshCaId: type: string format: uuid status: type: string name: type: string ttl: type: string maxTTL: type: string allowedUsers: type: array items: type: string allowedHosts: type: array items: type: string allowCustomKeyIds: type: boolean allowUserCertificates: type: boolean allowHostCertificates: type: boolean required: - id - sshCaId - status - name - ttl - maxTTL - allowedUsers - allowedHosts - allowCustomKeyIds - allowUserCertificates - allowHostCertificates additionalProperties: false required: - certificateTemplates additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/certificates/sign: post: tags: - SSH Certificates description: Sign SSH public key requestBody: required: true content: application/json: schema: type: object properties: certificateTemplateId: type: string minLength: 1 description: The ID of the SSH certificate template to sign the SSH public key with. publicKey: type: string description: The SSH public key to sign. certType: type: string enum: - user - host default: user description: The type of certificate to issue. This can be one of user or host. principals: type: array items: type: string minItems: 1 description: The list of principals (usernames, hostnames) to include in the certificate. ttl: type: string description: The time to live for the certificate such as 1m, 1h, 1d, ... If not specified, the default TTL for the template will be used. keyId: type: string maxLength: 50 description: The key ID to include in the certificate. If not specified, a default key ID will be generated. required: - certificateTemplateId - publicKey - principals additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: serialNumber: type: string description: The serial number of the issued SSH certificate. signedKey: type: string description: The SSH certificate or signed SSH public key. required: - serialNumber - signedKey additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/certificates/issue: post: tags: - SSH Certificates description: Issue SSH credentials (certificate + key) requestBody: required: true content: application/json: schema: type: object properties: certificateTemplateId: type: string minLength: 1 description: The ID of the SSH certificate template to issue the SSH credentials with. keyAlgorithm: type: string enum: - RSA_2048 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - ED25519 default: ED25519 description: The type of public key algorithm and size, in bits, of the key pair for the SSH CA. certType: type: string enum: - user - host default: user description: The type of certificate to issue. This can be one of user or host. principals: type: array items: type: string minItems: 1 description: The list of principals (usernames, hostnames) to include in the certificate. ttl: type: string description: The time to live for the certificate such as 1m, 1h, 1d, ... If not specified, the default TTL for the template will be used. keyId: type: string maxLength: 50 description: The key ID to include in the certificate. If not specified, a default key ID will be generated. required: - certificateTemplateId - principals additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: serialNumber: type: string description: The serial number of the issued SSH certificate. signedKey: type: string description: The SSH certificate or signed SSH public key. privateKey: type: string description: The private key corresponding to the issued SSH certificate. publicKey: type: string description: The public key of the issued SSH certificate. keyAlgorithm: type: string enum: - RSA_2048 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - ED25519 description: The type of public key algorithm and size, in bits, of the key pair for the SSH CA. required: - serialNumber - signedKey - privateKey - publicKey - keyAlgorithm additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/certificate-templates/{certificateTemplateId}: get: tags: - SSH Certificate Templates parameters: - schema: type: string in: path name: certificateTemplateId required: true description: The ID of the SSH certificate template to get. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid sshCaId: type: string format: uuid status: type: string name: type: string ttl: type: string maxTTL: type: string allowedUsers: type: array items: type: string allowedHosts: type: array items: type: string allowCustomKeyIds: type: boolean allowUserCertificates: type: boolean allowHostCertificates: type: boolean required: - id - sshCaId - status - name - ttl - maxTTL - allowedUsers - allowedHosts - allowCustomKeyIds - allowUserCertificates - allowHostCertificates additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - SSH Certificate Templates requestBody: required: true content: application/json: schema: type: object properties: status: type: string enum: - active - disabled name: type: string minLength: 1 maxLength: 36 description: The name of the certificate template. ttl: type: string description: The default time to live for issued certificates such as 1m, 1h, 1d, 1y, ... maxTTL: type: string description: The maximum time to live for issued certificates such as 1m, 1h, 1d, 1y, ... allowedUsers: type: array items: type: string description: The list of allowed users for certificates issued under this template. allowedHosts: type: array items: type: string description: The list of allowed hosts for certificates issued under this template. allowUserCertificates: type: boolean description: Whether or not to allow user certificates to be issued under this template. allowHostCertificates: type: boolean description: Whether or not to allow host certificates to be issued under this template. allowCustomKeyIds: type: boolean description: Whether or not to allow custom key IDs for certificates issued under this template. additionalProperties: false parameters: - schema: type: string in: path name: certificateTemplateId required: true description: The ID of the SSH certificate template to update. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid sshCaId: type: string format: uuid status: type: string name: type: string ttl: type: string maxTTL: type: string allowedUsers: type: array items: type: string allowedHosts: type: array items: type: string allowCustomKeyIds: type: boolean allowUserCertificates: type: boolean allowHostCertificates: type: boolean required: - id - sshCaId - status - name - ttl - maxTTL - allowedUsers - allowedHosts - allowCustomKeyIds - allowUserCertificates - allowHostCertificates additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - SSH Certificate Templates parameters: - schema: type: string in: path name: certificateTemplateId required: true description: The ID of the SSH certificate template to delete. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid sshCaId: type: string format: uuid status: type: string name: type: string ttl: type: string maxTTL: type: string allowedUsers: type: array items: type: string allowedHosts: type: array items: type: string allowCustomKeyIds: type: boolean allowUserCertificates: type: boolean allowHostCertificates: type: boolean required: - id - sshCaId - status - name - ttl - maxTTL - allowedUsers - allowedHosts - allowCustomKeyIds - allowUserCertificates - allowHostCertificates additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/certificate-templates: post: tags: - SSH Certificate Templates requestBody: required: true content: application/json: schema: type: object properties: sshCaId: type: string description: The ID of the SSH CA to associate the certificate template with. name: type: string minLength: 1 maxLength: 36 description: The name of the certificate template. ttl: type: string default: 1h description: The default time to live for issued certificates such as 1m, 1h, 1d, 1y, ... maxTTL: type: string default: 30d description: The maximum time to live for issued certificates such as 1m, 1h, 1d, 1y, ... allowedUsers: type: array items: type: string description: The list of allowed users for certificates issued under this template. allowedHosts: type: array items: type: string description: The list of allowed hosts for certificates issued under this template. allowUserCertificates: type: boolean description: Whether or not to allow user certificates to be issued under this template. allowHostCertificates: type: boolean description: Whether or not to allow host certificates to be issued under this template. allowCustomKeyIds: type: boolean description: Whether or not to allow custom key IDs for certificates issued under this template. required: - sshCaId - name - allowedUsers - allowedHosts - allowUserCertificates - allowHostCertificates - allowCustomKeyIds additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid sshCaId: type: string format: uuid status: type: string name: type: string ttl: type: string maxTTL: type: string allowedUsers: type: array items: type: string allowedHosts: type: array items: type: string allowCustomKeyIds: type: boolean allowUserCertificates: type: boolean allowHostCertificates: type: boolean required: - id - sshCaId - status - name - ttl - maxTTL - allowedUsers - allowedHosts - allowCustomKeyIds - allowUserCertificates - allowHostCertificates additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/hosts: get: tags: - SSH Hosts responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: id: type: string format: uuid projectId: type: string hostname: type: string alias: type: string nullable: true userCertTtl: type: string hostCertTtl: type: string userSshCaId: type: string format: uuid hostSshCaId: type: string format: uuid loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false source: type: string enum: - host - hostGroup required: - loginUser - allowedPrincipals - source additionalProperties: false required: - id - projectId - hostname - userCertTtl - hostCertTtl - userSshCaId - hostSshCaId - loginMappings additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - SSH Hosts description: Register SSH Host requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project to create the SSH host in. hostname: type: string minLength: 1 description: The hostname of the SSH host. alias: type: string minLength: 0 maxLength: 64 description: The alias for the SSH host. default: '' userCertTtl: type: string default: 8h description: The time to live for user certificates issued under this host. hostCertTtl: type: string default: 1y description: The time to live for host certificates issued under this host. loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false required: - loginUser - allowedPrincipals additionalProperties: false default: [] description: A list of login mappings for the SSH host. Each login mapping contains a login user and a list of corresponding allowed principals being usernames of users or groups slugs in the Infisical SSH project. userSshCaId: type: string description: The ID of the SSH CA to use for user certificates. If not specified, the default user SSH CA will be used if it exists. hostSshCaId: type: string description: The ID of the SSH CA to use for host certificates. If not specified, the default host SSH CA will be used if it exists. required: - projectId - hostname additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid projectId: type: string hostname: type: string alias: type: string nullable: true userCertTtl: type: string hostCertTtl: type: string userSshCaId: type: string format: uuid hostSshCaId: type: string format: uuid loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false source: type: string enum: - host - hostGroup required: - loginUser - allowedPrincipals - source additionalProperties: false required: - id - projectId - hostname - userCertTtl - hostCertTtl - userSshCaId - hostSshCaId - loginMappings additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/hosts/{sshHostId}: get: tags: - SSH Hosts parameters: - schema: type: string in: path name: sshHostId required: true description: The ID of the SSH host to get. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid projectId: type: string hostname: type: string alias: type: string nullable: true userCertTtl: type: string hostCertTtl: type: string userSshCaId: type: string format: uuid hostSshCaId: type: string format: uuid loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false source: type: string enum: - host - hostGroup required: - loginUser - allowedPrincipals - source additionalProperties: false required: - id - projectId - hostname - userCertTtl - hostCertTtl - userSshCaId - hostSshCaId - loginMappings additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - SSH Hosts description: Update SSH Host requestBody: required: true content: application/json: schema: type: object properties: hostname: type: string minLength: 1 description: The hostname of the SSH host to update to. alias: type: string minLength: 0 maxLength: 64 description: The alias for the SSH host to update to. userCertTtl: type: string description: The time to live for user certificates issued under this host to update to. hostCertTtl: type: string description: The time to live for host certificates issued under this host to update to. loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false required: - loginUser - allowedPrincipals additionalProperties: false description: A list of login mappings for the SSH host. Each login mapping contains a login user and a list of corresponding allowed principals being usernames of users or groups slugs in the Infisical SSH project. additionalProperties: false parameters: - schema: type: string in: path name: sshHostId required: true description: The ID of the SSH host to update. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid projectId: type: string hostname: type: string alias: type: string nullable: true userCertTtl: type: string hostCertTtl: type: string userSshCaId: type: string format: uuid hostSshCaId: type: string format: uuid loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false source: type: string enum: - host - hostGroup required: - loginUser - allowedPrincipals - source additionalProperties: false required: - id - projectId - hostname - userCertTtl - hostCertTtl - userSshCaId - hostSshCaId - loginMappings additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - SSH Hosts description: Delete SSH Host parameters: - schema: type: string in: path name: sshHostId required: true description: The ID of the SSH host to delete. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid projectId: type: string hostname: type: string alias: type: string nullable: true userCertTtl: type: string hostCertTtl: type: string userSshCaId: type: string format: uuid hostSshCaId: type: string format: uuid loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false source: type: string enum: - host - hostGroup required: - loginUser - allowedPrincipals - source additionalProperties: false required: - id - projectId - hostname - userCertTtl - hostCertTtl - userSshCaId - hostSshCaId - loginMappings additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/hosts/{sshHostId}/issue-user-cert: post: tags: - SSH Hosts description: Issue SSH certificate for user requestBody: required: true content: application/json: schema: type: object properties: loginUser: type: string description: The login user to issue the SSH credentials for. required: - loginUser additionalProperties: false parameters: - schema: type: string in: path name: sshHostId required: true description: The ID of the SSH host to issue the SSH credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: serialNumber: type: string description: The serial number of the issued SSH certificate. signedKey: type: string description: The SSH certificate or signed SSH public key. privateKey: type: string description: The private key corresponding to the issued SSH certificate. publicKey: type: string description: The public key of the issued SSH certificate. keyAlgorithm: type: string enum: - RSA_2048 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - ED25519 description: The type of public key algorithm and size, in bits, of the key pair for the SSH host. required: - serialNumber - signedKey - privateKey - publicKey - keyAlgorithm additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/hosts/{sshHostId}/issue-host-cert: post: tags: - SSH Hosts description: Issue SSH certificate for host requestBody: required: true content: application/json: schema: type: object properties: publicKey: type: string description: The SSH public key to issue the SSH certificate for. required: - publicKey additionalProperties: false parameters: - schema: type: string in: path name: sshHostId required: true description: The ID of the SSH host to issue the SSH certificate for. responses: '200': description: Default Response content: application/json: schema: type: object properties: serialNumber: type: string description: The serial number of the issued SSH certificate. signedKey: type: string description: The SSH certificate or signed SSH public key. required: - serialNumber - signedKey additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/hosts/{sshHostId}/user-ca-public-key: get: tags: - SSH Hosts description: Get public key of the user SSH CA linked to the host parameters: - schema: type: string in: path name: sshHostId required: true description: The ID of the SSH host to get the user SSH CA public key for. responses: '200': description: The public key of the user SSH CA linked to the SSH host. content: application/json: schema: type: string description: The public key of the user SSH CA linked to the SSH host. '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/hosts/{sshHostId}/host-ca-public-key: get: tags: - SSH Hosts description: Get public key of the host SSH CA linked to the host parameters: - schema: type: string in: path name: sshHostId required: true description: The ID of the SSH host to get the host SSH CA public key for. responses: '200': description: The public key of the host SSH CA linked to the SSH host. content: application/json: schema: type: string description: The public key of the host SSH CA linked to the SSH host. '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/host-groups/{sshHostGroupId}: get: tags: - SSH Host Groups description: Get SSH Host Group parameters: - schema: type: string in: path name: sshHostGroupId required: true description: The ID of the SSH host group to get. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid projectId: type: string name: type: string loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false required: - loginUser - allowedPrincipals additionalProperties: false required: - id - projectId - name - loginMappings additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - SSH Host Groups description: Update SSH Host Group requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the SSH host group to update to. loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false required: - loginUser - allowedPrincipals additionalProperties: false description: A list of default login mappings to include on each host in the SSH host group. Each login mapping contains a login user and a list of corresponding allowed principals being usernames of users in the Infisical SSH project. additionalProperties: false parameters: - schema: type: string in: path name: sshHostGroupId required: true description: The ID of the SSH host group to update. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid projectId: type: string name: type: string loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false required: - loginUser - allowedPrincipals additionalProperties: false required: - id - projectId - name - loginMappings additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - SSH Host Groups description: Delete SSH Host Group parameters: - schema: type: string in: path name: sshHostGroupId required: true description: The ID of the SSH host group to delete. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid projectId: type: string name: type: string loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false required: - loginUser - allowedPrincipals additionalProperties: false required: - id - projectId - name - loginMappings additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/host-groups: post: tags: - SSH Host Groups description: Create SSH Host Group requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project to create the SSH host group in. name: type: string minLength: 1 maxLength: 64 description: The name of the SSH host group. loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false required: - loginUser - allowedPrincipals additionalProperties: false default: [] description: A list of default login mappings to include on each host in the SSH host group. Each login mapping contains a login user and a list of corresponding allowed principals being usernames of users in the Infisical SSH project. required: - projectId - name additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid projectId: type: string name: type: string loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false required: - loginUser - allowedPrincipals additionalProperties: false required: - id - projectId - name - loginMappings additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/host-groups/{sshHostGroupId}/hosts: get: tags: - SSH Host Groups description: Get SSH Hosts in a Host Group parameters: - schema: type: string enum: - group-members - non-group-members in: query name: filter required: false description: The filter to apply to the SSH hosts in the SSH host group. - schema: type: string in: path name: sshHostGroupId required: true description: The ID of the SSH host group to get. responses: '200': description: Default Response content: application/json: schema: type: object properties: hosts: type: array items: type: object properties: id: type: string format: uuid hostname: type: string alias: type: string nullable: true isPartOfGroup: type: boolean joinedGroupAt: type: string format: date-time nullable: true required: - id - hostname - isPartOfGroup - joinedGroupAt additionalProperties: false totalCount: type: number required: - hosts - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ssh/host-groups/{sshHostGroupId}/hosts/{hostId}: post: tags: - SSH Host Groups description: Add an SSH Host to a Host Group parameters: - schema: type: string in: path name: sshHostGroupId required: true description: The ID of the SSH host group to add the host to. - schema: type: string in: path name: hostId required: true description: The ID of the SSH host to add to the SSH host group. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid projectId: type: string hostname: type: string alias: type: string nullable: true userCertTtl: type: string hostCertTtl: type: string userSshCaId: type: string format: uuid hostSshCaId: type: string format: uuid loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false required: - loginUser - allowedPrincipals additionalProperties: false required: - id - projectId - hostname - userCertTtl - hostCertTtl - userSshCaId - hostSshCaId - loginMappings additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - SSH Host Groups description: Remove an SSH Host from a Host Group parameters: - schema: type: string in: path name: sshHostGroupId required: true description: The ID of the SSH host group to delete the host from. - schema: type: string in: path name: hostId required: true description: The ID of the SSH host to delete from the SSH host group. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid projectId: type: string hostname: type: string alias: type: string nullable: true userCertTtl: type: string hostCertTtl: type: string userSshCaId: type: string format: uuid hostSshCaId: type: string format: uuid loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false required: - loginUser - allowedPrincipals additionalProperties: false required: - id - projectId - hostname - userCertTtl - hostCertTtl - userSshCaId - hostSshCaId - loginMappings additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/sso/config: get: tags: - SAML SSO description: Get SAML config parameters: - schema: type: string in: query name: organizationId required: true description: The ID of the organization to get the SAML config for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string organization: type: string orgId: type: string authProvider: type: string isActive: type: boolean entryPoint: type: string issuer: type: string cert: type: string lastUsed: type: string format: date-time nullable: true enableGroupSync: type: boolean required: - id - organization - orgId - authProvider - isActive - entryPoint - issuer - cert additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - SAML SSO description: Create SAML config requestBody: required: true content: application/json: schema: type: object properties: organizationId: type: string description: The ID of the organization to create the SAML config for. authProvider: type: string enum: - okta-saml - azure-saml - jumpcloud-saml - google-saml - keycloak-saml - auth0-saml description: Authentication provider to use for SAML authentication. isActive: type: boolean description: Whether to enable or disable this SAML configuration. entryPoint: type: string description: The entry point for the SAML authentication. This is the URL that the user will be redirected to after they have authenticated with the SAML provider. issuer: type: string description: The SAML provider issuer URL or entity ID. cert: type: string description: The certificate to use for SAML authentication. enableGroupSync: type: boolean description: Whether to enable automatic synchronization of group memberships from the SAML provider to Infisical groups. required: - organizationId - authProvider - isActive - entryPoint - issuer - cert additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid orgId: type: string format: uuid isActive: type: boolean lastUsed: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time authProvider: type: string required: - id - orgId - isActive - createdAt - updatedAt - authProvider additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - SAML SSO description: Update SAML config requestBody: required: true content: application/json: schema: type: object properties: authProvider: type: string enum: - okta-saml - azure-saml - jumpcloud-saml - google-saml - keycloak-saml - auth0-saml description: Authentication provider to use for SAML authentication. isActive: type: boolean description: Whether to enable or disable this SAML configuration. entryPoint: type: string description: The entry point for the SAML authentication. This is the URL that the user will be redirected to after they have authenticated with the SAML provider. issuer: type: string description: The SAML provider issuer URL or entity ID. cert: type: string description: The certificate to use for SAML authentication. enableGroupSync: type: boolean description: Whether to enable automatic synchronization of group memberships from the SAML provider to Infisical groups. organizationId: type: string description: The ID of the organization to update the SAML config for. required: - organizationId additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid orgId: type: string format: uuid isActive: type: boolean lastUsed: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time authProvider: type: string required: - id - orgId - isActive - createdAt - updatedAt - authProvider additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/sso/oidc/config: get: tags: - OIDC SSO description: Get OIDC config parameters: - schema: type: string in: query name: organizationId required: true description: The ID of the organization to get the OIDC config for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid issuer: type: string nullable: true authorizationEndpoint: type: string nullable: true jwksUri: type: string nullable: true tokenEndpoint: type: string nullable: true userinfoEndpoint: type: string nullable: true configurationType: type: string discoveryURL: type: string nullable: true isActive: type: boolean orgId: type: string format: uuid allowedEmailDomains: type: string nullable: true manageGroupMemberships: type: boolean default: false jwtSignatureAlgorithm: type: string default: RS256 clientId: type: string clientSecret: type: string required: - id - configurationType - isActive - orgId - clientId - clientSecret additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - OIDC SSO description: Update OIDC config requestBody: required: true content: application/json: schema: type: object properties: allowedEmailDomains: type: string default: '' description: 'A list of allowed email domains that users can use to authenticate with. This field is comma separated. Supports wildcards (e.g. *.example.com). Example: ''example.com, *.acme.com''' discoveryURL: type: string description: The URL of the OIDC discovery endpoint. configurationType: type: string enum: - custom - discoveryURL description: The configuration type to use for the OIDC configuration. issuer: type: string description: The issuer for the OIDC configuration. This is only supported when the OIDC configuration type is set to 'custom'. authorizationEndpoint: type: string description: The endpoint to use for OIDC authorization. This is only supported when the OIDC configuration type is set to 'custom'. jwksUri: type: string description: The URL of the OIDC JWKS endpoint. tokenEndpoint: type: string description: The token endpoint to use for OIDC token exchange. userinfoEndpoint: type: string description: The userinfo endpoint to get user information from the OIDC provider. clientId: type: string description: The client ID to use for OIDC authentication. clientSecret: type: string description: The client secret to use for OIDC authentication. isActive: type: boolean description: Whether to enable or disable this OIDC configuration. manageGroupMemberships: type: boolean description: Whether to manage group memberships for the OIDC configuration. If enabled, users will automatically be assigned groups when they sign in, based on which groups they are a member of in the OIDC provider. jwtSignatureAlgorithm: type: string enum: - RS256 - HS256 - RS512 - EdDSA description: The algorithm to use for JWT signature verification. organizationId: type: string description: The ID of the organization to update the OIDC config for. required: - organizationId additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid issuer: type: string nullable: true authorizationEndpoint: type: string nullable: true configurationType: type: string discoveryURL: type: string nullable: true jwksUri: type: string nullable: true tokenEndpoint: type: string nullable: true userinfoEndpoint: type: string nullable: true orgId: type: string format: uuid allowedEmailDomains: type: string nullable: true isActive: type: boolean manageGroupMemberships: type: boolean default: false required: - id - configurationType - orgId - isActive additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - OIDC SSO description: Create OIDC config requestBody: required: true content: application/json: schema: type: object properties: allowedEmailDomains: type: string default: '' description: A list of allowed email domains that users can use to authenticate with. This field is comma separated. Supports wildcards (e.g. *.example.com). configurationType: type: string enum: - custom - discoveryURL description: The configuration type to use for the OIDC configuration. issuer: type: string default: '' description: The issuer for the OIDC configuration. This is only supported when the OIDC configuration type is set to 'custom'. discoveryURL: type: string default: '' description: The URL of the OIDC discovery endpoint. authorizationEndpoint: type: string default: '' description: The authorization endpoint to use for OIDC authorization. This is only supported when the OIDC configuration type is set to 'custom'. jwksUri: type: string default: '' description: The URL of the OIDC JWKS endpoint. tokenEndpoint: type: string default: '' description: The token endpoint to use for OIDC token exchange. userinfoEndpoint: type: string default: '' description: The userinfo endpoint to get user information from the OIDC provider. clientId: type: string description: The client ID to use for OIDC authentication. clientSecret: type: string description: The client secret to use for OIDC authentication. isActive: type: boolean description: Whether to enable or disable this OIDC configuration. organizationId: type: string description: The ID of the organization to create the OIDC config for. manageGroupMemberships: type: boolean default: false description: Whether to manage group memberships for the OIDC configuration. If enabled, users will automatically be assigned groups when they sign in, based on which groups they are a member of in the OIDC provider. jwtSignatureAlgorithm: type: string enum: - RS256 - HS256 - RS512 - EdDSA default: RS256 description: The algorithm to use for JWT signature verification. required: - configurationType - clientId - clientSecret - isActive - organizationId additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid issuer: type: string nullable: true authorizationEndpoint: type: string nullable: true configurationType: type: string discoveryURL: type: string nullable: true jwksUri: type: string nullable: true tokenEndpoint: type: string nullable: true userinfoEndpoint: type: string nullable: true orgId: type: string format: uuid isActive: type: boolean allowedEmailDomains: type: string nullable: true manageGroupMemberships: type: boolean default: false jwtSignatureAlgorithm: type: string default: RS256 required: - id - configurationType - orgId - isActive additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/ldap/config: get: tags: - LDAP SSO description: Get LDAP config parameters: - schema: type: string in: query name: organizationId required: true description: The ID of the organization to get the LDAP config for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string organization: type: string isActive: type: boolean url: type: string bindDN: type: string bindPass: type: string uniqueUserAttribute: type: string searchBase: type: string searchFilter: type: string groupSearchBase: type: string groupSearchFilter: type: string caCert: type: string clientCertificate: type: string hasClientKeyCertificate: type: boolean required: - id - organization - isActive - url - bindDN - bindPass - uniqueUserAttribute - searchBase - searchFilter - groupSearchBase - groupSearchFilter - caCert - clientCertificate - hasClientKeyCertificate additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - LDAP SSO description: Create LDAP config requestBody: required: true content: application/json: schema: type: object properties: organizationId: type: string description: The ID of the organization to create the LDAP config for. isActive: type: boolean description: Whether to enable or disable this LDAP configuration. url: type: string description: The LDAP server to connect to such as `ldap://ldap.your-org.com`, `ldaps://ldap.myorg.com:636` (for connection over SSL/TLS), etc. bindDN: type: string description: The distinguished name of the object to bind when performing the user search such as `cn=infisical,ou=Users,dc=acme,dc=com` bindPass: type: string description: The password to use along with Bind DN when performing the user search. uniqueUserAttribute: type: string default: uidNumber description: The attribute to use as the unique identifier of LDAP users such as `sAMAccountName`, `cn`, `uid`, `objectGUID`. If left blank, defaults to uidNumber searchBase: type: string description: The base DN to use for the user search such as `ou=Users,dc=acme,dc=com` searchFilter: type: string default: (uid={{username}}) description: The template used to construct the LDAP user search filter such as `(uid={{username}})` uses literal `{{username}}` to have the given username used in the search. The default is `(uid={{username}})` which is compatible with several common directory schemas. groupSearchBase: type: string description: LDAP search base to use for group membership search such as `ou=Groups,dc=acme,dc=com` groupSearchFilter: type: string default: (|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}})) description: 'The template used when constructing the group membership query such as `(&(objectClass=posixGroup)(memberUid={{.Username}}))`. The template can access the following context variables: `[UserDN, UserName]`. The default is `(|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))` which is compatible with several common directory schemas.' caCert: type: string default: '' description: The CA certificate to use when verifying the LDAP server certificate. clientCertificate: type: string default: '' description: PEM-encoded client certificate presented during the TLS handshake for mutual TLS (mTLS). Must be provided together with clientKeyCertificate. clientKeyCertificate: type: string default: '' description: PEM-encoded private key matching the client certificate, used during the TLS handshake for mutual TLS (mTLS). Must be provided together with clientCertificate. required: - organizationId - isActive - url - bindDN - bindPass - searchBase - groupSearchBase additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: updatedAt: type: string format: date-time createdAt: type: string format: date-time isActive: type: boolean orgId: type: string format: uuid id: type: string format: uuid url: type: string searchBase: type: string searchFilter: type: string default: '' groupSearchBase: type: string default: '' uniqueUserAttribute: type: string default: '' groupSearchFilter: type: string default: '' required: - updatedAt - createdAt - isActive - orgId - id - url - searchBase additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - LDAP SSO description: Update LDAP config requestBody: required: true content: application/json: schema: type: object properties: isActive: type: boolean description: Whether to enable or disable this LDAP configuration. url: type: string description: The LDAP server to connect to such as `ldap://ldap.your-org.com`, `ldaps://ldap.myorg.com:636` (for connection over SSL/TLS), etc. bindDN: type: string description: The distinguished name of object to bind when performing the user search such as `cn=infisical,ou=Users,dc=acme,dc=com` bindPass: type: string description: The password to use along with Bind DN when performing the user search. uniqueUserAttribute: type: string description: The attribute to use as the unique identifier of LDAP users such as `sAMAccountName`, `cn`, `uid`, `objectGUID`. If left blank, defaults to uidNumber searchBase: type: string description: The base DN to use for the user search such as `ou=Users,dc=acme,dc=com` searchFilter: type: string description: The template used to construct the LDAP user search filter such as `(uid={{username}})` uses literal `{{username}}` to have the given username used in the search. The default is `(uid={{username}})` which is compatible with several common directory schemas. groupSearchBase: type: string description: LDAP search base to use for group membership search such as `ou=Groups,dc=acme,dc=com` groupSearchFilter: type: string description: 'The template used when constructing the group membership query such as `(&(objectClass=posixGroup)(memberUid={{.Username}}))`. The template can access the following context variables: `[UserDN, UserName]`. The default is `(|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))` which is compatible with several common directory schemas.' caCert: type: string description: The CA certificate to use when verifying the LDAP server certificate. clientCertificate: type: string description: PEM-encoded client certificate presented during the TLS handshake for mutual TLS (mTLS). Must be provided together with clientKeyCertificate. clientKeyCertificate: type: string description: PEM-encoded private key matching the client certificate, used during the TLS handshake for mutual TLS (mTLS). Must be provided together with clientCertificate. organizationId: type: string description: The ID of the organization to update the LDAP config for. required: - organizationId additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: updatedAt: type: string format: date-time createdAt: type: string format: date-time isActive: type: boolean orgId: type: string format: uuid id: type: string format: uuid url: type: string searchBase: type: string searchFilter: type: string default: '' groupSearchBase: type: string default: '' uniqueUserAttribute: type: string default: '' groupSearchFilter: type: string default: '' required: - updatedAt - createdAt - isActive - orgId - id - url - searchBase additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/groups: post: operationId: createGroup tags: - Groups requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 255 description: The name of the group to create. slug: type: string minLength: 5 maxLength: 255 description: The slug of the group to create. role: type: string minLength: 1 default: no-access description: The role of the group to create. required: - name additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid orgId: type: string format: uuid name: type: string slug: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - orgId - name - slug - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listGroups tags: - Groups responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: id: type: string format: uuid orgId: type: string format: uuid name: type: string slug: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time role: type: string roleId: type: string nullable: true required: - id - orgId - name - slug - createdAt - updatedAt - role additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/groups/{id}: get: operationId: getGroupById tags: - Groups parameters: - schema: type: string in: path name: id required: true description: The ID of the group to fetch. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid orgId: type: string format: uuid name: type: string slug: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time role: type: string roleId: type: string nullable: true customRoleSlug: type: string nullable: true required: - id - orgId - name - slug - createdAt - updatedAt - role - customRoleSlug additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateGroup tags: - Groups requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 255 description: The new name of the group to update to. slug: type: string minLength: 5 maxLength: 255 description: The new slug of the group to update to. role: type: string minLength: 1 description: The new role of the group to update to. additionalProperties: false parameters: - schema: type: string in: path name: id required: true description: The ID of the group to update. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid orgId: type: string format: uuid name: type: string slug: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - orgId - name - slug - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteGroup tags: - Groups parameters: - schema: type: string in: path name: id required: true description: The ID of the group to delete. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid orgId: type: string format: uuid name: type: string slug: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - orgId - name - slug - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/groups/{id}/users: get: operationId: listGroupUsers tags: - Groups parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th user. - schema: type: number minimum: 1 maximum: 100 default: 10 in: query name: limit required: false description: The number of users to return. - schema: type: string in: query name: username required: false description: The username to search for. - schema: type: string in: query name: search required: false description: The text string that user email or name will be filtered by. - schema: type: string enum: - existingMembers - nonMembers in: query name: filter required: false description: Whether to filter the list of returned users. 'existingMembers' will only return existing users in the group, 'nonMembers' will only return users not in the group, undefined will return all users in the organization. - schema: type: string in: path name: id required: true description: The ID of the group to list users for. responses: '200': description: Default Response content: application/json: schema: type: object properties: users: type: array items: type: object properties: email: type: string nullable: true username: type: string firstName: type: string nullable: true lastName: type: string nullable: true id: type: string format: uuid isPartOfGroup: type: boolean joinedGroupAt: type: string format: date-time nullable: true required: - username - id - isPartOfGroup - joinedGroupAt additionalProperties: false totalCount: type: number required: - users - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/groups/{id}/machine-identities: get: operationId: listGroupMachineIdentities tags: - Groups parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th identity. - schema: type: number minimum: 1 maximum: 100 default: 10 in: query name: limit required: false description: The number of identities to return. - schema: type: string in: query name: search required: false description: The text string that machine identity name will be filtered by. - schema: type: string enum: - assignedMachineIdentities - nonAssignedMachineIdentities in: query name: filter required: false description: Whether to filter the list of returned identities. 'assignedMachineIdentities' will only return identities assigned to the group, 'nonAssignedMachineIdentities' will only return identities not assigned to the group, undefined will return all identities in the organization. - schema: type: string in: path name: id required: true description: The ID of the group to list identities for. responses: '200': description: Default Response content: application/json: schema: type: object properties: machineIdentities: type: array items: type: object properties: id: type: string format: uuid name: type: string isPartOfGroup: type: boolean joinedGroupAt: type: string format: date-time nullable: true required: - id - name - isPartOfGroup - joinedGroupAt additionalProperties: false totalCount: type: number required: - machineIdentities - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/groups/{id}/members: get: operationId: listGroupMembers tags: - Groups parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th member. - schema: type: number minimum: 1 maximum: 100 default: 10 in: query name: limit required: false description: The number of members to return. - schema: type: string in: query name: search required: false description: The text string that member email(in case of users) or name(in case of machine identities) will be filtered by. - schema: type: string enum: - name default: name in: query name: orderBy required: false description: The column to order members by. - schema: type: string enum: - asc - desc in: query name: orderDirection required: false description: The direction to order members in. - schema: anyOf: - type: string enum: - users - machineIdentities - type: array items: type: string enum: - users - machineIdentities in: query name: memberTypeFilter required: false description: Filter members by type. Can be a single value ('users' or 'machineIdentities') or an array of values. If not specified, both users and machine identities will be returned. - schema: type: string in: path name: id required: true description: The ID of the group to list members for. responses: '200': description: Default Response content: application/json: schema: type: object properties: members: type: array items: anyOf: - type: object properties: id: type: string joinedGroupAt: type: string format: date-time nullable: true type: type: string enum: - user user: type: object properties: id: type: string format: uuid firstName: type: string nullable: true lastName: type: string nullable: true email: type: string nullable: true username: type: string required: - id - username additionalProperties: false required: - id - joinedGroupAt - type - user additionalProperties: false - type: object properties: id: type: string joinedGroupAt: type: string format: date-time nullable: true type: type: string enum: - machineIdentity machineIdentity: type: object properties: id: type: string format: uuid name: type: string required: - id - name additionalProperties: false required: - id - joinedGroupAt - type - machineIdentity additionalProperties: false totalCount: type: number required: - members - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/groups/{id}/projects: get: operationId: listGroupProjects tags: - Groups parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th project. - schema: type: number minimum: 1 maximum: 100 default: 10 in: query name: limit required: false description: The number of projects to return. - schema: type: string in: query name: search required: false description: The text string that project name or slug will be filtered by. - schema: type: string enum: - assignedProjects - unassignedProjects in: query name: filter required: false description: Whether to filter the list of returned projects. 'assignedProjects' will only return projects assigned to the group, 'unassignedProjects' will only return projects not assigned to the group, undefined will return all projects in the organization. - schema: type: string enum: - name default: name in: query name: orderBy required: false description: The column to order projects by. - schema: type: string enum: - asc - desc default: asc in: query name: orderDirection required: false description: The direction to order projects in. - schema: type: string in: path name: id required: true description: The ID of the group to list projects for. responses: '200': description: Default Response content: application/json: schema: type: object properties: projects: type: array items: type: object properties: id: type: string name: type: string slug: type: string description: type: string nullable: true type: type: string joinedGroupAt: type: string format: date-time nullable: true required: - id - name - slug - type - joinedGroupAt additionalProperties: false totalCount: type: number required: - projects - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/groups/{id}/users/{username}: post: operationId: addUserToGroup tags: - Groups parameters: - schema: type: string in: path name: id required: true description: The ID of the group to add the user to. - schema: type: string in: path name: username required: true description: The username of the user to add to the group. responses: '200': description: Default Response content: application/json: schema: type: object properties: email: type: string nullable: true username: type: string firstName: type: string nullable: true lastName: type: string nullable: true id: type: string format: uuid required: - username - id additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: removeUserFromGroup tags: - Groups parameters: - schema: type: string in: path name: id required: true description: The ID of the group to remove the user from. - schema: type: string in: path name: username required: true description: The username of the user to remove from the group. responses: '200': description: Default Response content: application/json: schema: type: object properties: email: type: string nullable: true username: type: string firstName: type: string nullable: true lastName: type: string nullable: true id: type: string format: uuid required: - username - id additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/groups/{id}/machine-identities/{machineIdentityId}: post: operationId: addMachineIdentityToGroup tags: - Groups parameters: - schema: type: string in: path name: id required: true description: The ID of the group to add the machine identity to. - schema: type: string in: path name: machineIdentityId required: true description: The ID of the machine identity to add to the group. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string required: - id additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: removeMachineIdentityFromGroup tags: - Groups parameters: - schema: type: string in: path name: id required: true description: The ID of the group to remove the machine identity from. - schema: type: string in: path name: machineIdentityId required: true description: The ID of the machine identity to remove from the group. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string required: - id additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/additional-privilege/identity/permanent: post: tags: - Identity Specific Privileges description: Create a permanent or a non expiry specific privilege for identity. requestBody: required: true content: application/json: schema: type: object properties: identityId: type: string minLength: 1 description: The ID of the machine identity to create. projectSlug: type: string minLength: 1 description: The slug of the project of the identity in. slug: type: string minLength: 1 maxLength: 60 description: The slug of the privilege to create. permissions: type: array items: type: object properties: action: type: string enum: - read - create - edit - delete description: 'Describe what action an entity can take. Possible actions: create, edit, delete, and read' subject: type: string enum: - role - member - groups - settings - integrations - webhooks - service-tokens - environments - tags - audit-logs - ip-allowlist - workspace - secrets - secret-folders - secret-imports - dynamic-secrets - secret-rollback - secret-approval - secret-approval-request - secret-rotation - commits - identity - certificate-authorities - certificates - certificate-templates - ssh-certificate-authorities - ssh-certificates - ssh-certificate-templates - ssh-hosts - ssh-host-groups - pki-subscribers - pki-alerts - pki-collections - certificate-inventory-views - kms - cmek - secret-syncs - pki-syncs - pki-discovery - pki-certificate-installations - code-signers - kmip - secret-scanning-data-sources - secret-scanning-findings - secret-scanning-configs - secret-event-subscriptions - app-connections - pam-folders - pam-resources - pam-domains - pam-accounts - pam-sessions - pam-account-policies - pam-discovery - pam-insights - certificate-profiles - certificate-policies - certificate-application - approval-requests - approval-request-grants - mcp-endpoints - mcp-servers - mcp-activity-logs - honey-tokens - insights description: 'The entity this permission pertains to. Possible options: secrets, environments' conditions: type: object properties: environment: type: string description: The environment slug this permission should allow. secretPath: type: object properties: $glob: type: string minLength: 1 description: 'The secret path this permission should allow. Can be a glob pattern such as /folder-name/*/** ' required: - $glob additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - action - subject additionalProperties: false description: '@deprecated - use privilegePermission The permission object for the privilege. - Read secrets ``` { "permissions": [{"action": "read", "subject": "secrets"]} ``` - Read and Write secrets ``` { "permissions": [{"action": "read", "subject": "secrets"], {"action": "write", "subject": "secrets"]} ``` - Read secrets scoped to an environment and secret path ``` - { "permissions": [{"action": "read", "subject": "secrets", "conditions": { "environment": "dev", "secretPath": { "$glob": "/" } }}] } ``` ' privilegePermission: type: object properties: actions: type: array items: type: string enum: - read - create - edit - delete description: 'Describe what action an entity can take. Possible actions: create, edit, delete, and read' minItems: 1 subject: type: string enum: - secrets description: 'The entity this permission pertains to. Possible options: secrets, environments' conditions: type: object properties: environment: type: string description: The environment slug this permission should allow. secretPath: type: object properties: $glob: type: string minLength: 1 description: 'The secret path this permission should allow. Can be a glob pattern such as /folder-name/*/** ' required: - $glob additionalProperties: false required: - environment additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - actions - subject - conditions additionalProperties: false description: The permission object for the privilege. required: - identityId - projectSlug additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: privilege: type: object properties: id: type: string format: uuid slug: type: string projectMembershipId: type: string format: uuid isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - slug - projectMembershipId - permissions - createdAt - updatedAt additionalProperties: false required: - privilege additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/additional-privilege/identity/temporary: post: tags: - Identity Specific Privileges description: Create a temporary or a expiring specific privilege for identity. requestBody: required: true content: application/json: schema: type: object properties: identityId: type: string minLength: 1 description: The ID of the machine identity to create. projectSlug: type: string minLength: 1 description: The slug of the project of the identity in. slug: type: string minLength: 1 maxLength: 60 description: The slug of the privilege to create. permissions: type: array items: type: object properties: action: type: string enum: - read - create - edit - delete description: 'Describe what action an entity can take. Possible actions: create, edit, delete, and read' subject: type: string enum: - role - member - groups - settings - integrations - webhooks - service-tokens - environments - tags - audit-logs - ip-allowlist - workspace - secrets - secret-folders - secret-imports - dynamic-secrets - secret-rollback - secret-approval - secret-approval-request - secret-rotation - commits - identity - certificate-authorities - certificates - certificate-templates - ssh-certificate-authorities - ssh-certificates - ssh-certificate-templates - ssh-hosts - ssh-host-groups - pki-subscribers - pki-alerts - pki-collections - certificate-inventory-views - kms - cmek - secret-syncs - pki-syncs - pki-discovery - pki-certificate-installations - code-signers - kmip - secret-scanning-data-sources - secret-scanning-findings - secret-scanning-configs - secret-event-subscriptions - app-connections - pam-folders - pam-resources - pam-domains - pam-accounts - pam-sessions - pam-account-policies - pam-discovery - pam-insights - certificate-profiles - certificate-policies - certificate-application - approval-requests - approval-request-grants - mcp-endpoints - mcp-servers - mcp-activity-logs - honey-tokens - insights description: 'The entity this permission pertains to. Possible options: secrets, environments' conditions: type: object properties: environment: type: string description: The environment slug this permission should allow. secretPath: type: object properties: $glob: type: string minLength: 1 description: 'The secret path this permission should allow. Can be a glob pattern such as /folder-name/*/** ' required: - $glob additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - action - subject additionalProperties: false description: '@deprecated - use privilegePermission The permission object for the privilege. - Read secrets ``` { "permissions": [{"action": "read", "subject": "secrets"]} ``` - Read and Write secrets ``` { "permissions": [{"action": "read", "subject": "secrets"], {"action": "write", "subject": "secrets"]} ``` - Read secrets scoped to an environment and secret path ``` - { "permissions": [{"action": "read", "subject": "secrets", "conditions": { "environment": "dev", "secretPath": { "$glob": "/" } }}] } ``` ' privilegePermission: type: object properties: actions: type: array items: type: string enum: - read - create - edit - delete description: 'Describe what action an entity can take. Possible actions: create, edit, delete, and read' minItems: 1 subject: type: string enum: - secrets description: 'The entity this permission pertains to. Possible options: secrets, environments' conditions: type: object properties: environment: type: string description: The environment slug this permission should allow. secretPath: type: object properties: $glob: type: string minLength: 1 description: 'The secret path this permission should allow. Can be a glob pattern such as /folder-name/*/** ' required: - $glob additionalProperties: false required: - environment additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - actions - subject - conditions additionalProperties: false description: The permission object for the privilege. temporaryMode: type: string enum: - relative description: 'Type of temporary access given. Types: relative.' temporaryRange: type: string description: 'TTL for the temporary time. Eg: 1m, 1h, 1d.' temporaryAccessStartTime: type: string format: date-time description: ISO time for which temporary access should begin. required: - identityId - projectSlug - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: privilege: type: object properties: id: type: string format: uuid slug: type: string projectMembershipId: type: string format: uuid isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - slug - projectMembershipId - permissions - createdAt - updatedAt additionalProperties: false required: - privilege additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/additional-privilege/identity: patch: tags: - Identity Specific Privileges description: Update a specific privilege of an identity. requestBody: required: true content: application/json: schema: type: object properties: privilegeSlug: type: string minLength: 1 description: The slug of the privilege to update. identityId: type: string minLength: 1 description: The ID of the machine identity to update. projectSlug: type: string minLength: 1 description: The slug of the project of the identity in. privilegeDetails: type: object properties: slug: type: string minLength: 1 maxLength: 60 description: The new slug of the privilege to update. permissions: type: array items: type: object properties: action: type: string enum: - read - create - edit - delete description: 'Describe what action an entity can take. Possible actions: create, edit, delete, and read' subject: type: string enum: - role - member - groups - settings - integrations - webhooks - service-tokens - environments - tags - audit-logs - ip-allowlist - workspace - secrets - secret-folders - secret-imports - dynamic-secrets - secret-rollback - secret-approval - secret-approval-request - secret-rotation - commits - identity - certificate-authorities - certificates - certificate-templates - ssh-certificate-authorities - ssh-certificates - ssh-certificate-templates - ssh-hosts - ssh-host-groups - pki-subscribers - pki-alerts - pki-collections - certificate-inventory-views - kms - cmek - secret-syncs - pki-syncs - pki-discovery - pki-certificate-installations - code-signers - kmip - secret-scanning-data-sources - secret-scanning-findings - secret-scanning-configs - secret-event-subscriptions - app-connections - pam-folders - pam-resources - pam-domains - pam-accounts - pam-sessions - pam-account-policies - pam-discovery - pam-insights - certificate-profiles - certificate-policies - certificate-application - approval-requests - approval-request-grants - mcp-endpoints - mcp-servers - mcp-activity-logs - honey-tokens - insights description: 'The entity this permission pertains to. Possible options: secrets, environments' conditions: type: object properties: environment: type: string description: The environment slug this permission should allow. secretPath: type: object properties: $glob: type: string minLength: 1 description: 'The secret path this permission should allow. Can be a glob pattern such as /folder-name/*/** ' required: - $glob additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - action - subject additionalProperties: false description: '@deprecated - use privilegePermission The permission object for the privilege. - Read secrets ``` { "permissions": [{"action": "read", "subject": "secrets"]} ``` - Read and Write secrets ``` { "permissions": [{"action": "read", "subject": "secrets"], {"action": "write", "subject": "secrets"]} ``` - Read secrets scoped to an environment and secret path ``` - { "permissions": [{"action": "read", "subject": "secrets", "conditions": { "environment": "dev", "secretPath": { "$glob": "/" } }}] } ``` ' privilegePermission: type: object properties: actions: type: array items: type: string enum: - read - create - edit - delete description: 'Describe what action an entity can take. Possible actions: create, edit, delete, and read' minItems: 1 subject: type: string enum: - secrets description: 'The entity this permission pertains to. Possible options: secrets, environments' conditions: type: object properties: environment: type: string description: The environment slug this permission should allow. secretPath: type: object properties: $glob: type: string minLength: 1 description: 'The secret path this permission should allow. Can be a glob pattern such as /folder-name/*/** ' required: - $glob additionalProperties: false required: - environment additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - actions - subject - conditions additionalProperties: false description: The permission object for the privilege. isTemporary: type: boolean description: Whether the privilege is temporary. temporaryMode: type: string enum: - relative description: 'Type of temporary access given. Types: relative.' temporaryRange: type: string description: 'TTL for the temporary time. Eg: 1m, 1h, 1d.' temporaryAccessStartTime: type: string format: date-time description: ISO time for which temporary access should begin. additionalProperties: false required: - privilegeSlug - identityId - projectSlug - privilegeDetails additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: privilege: type: object properties: id: type: string format: uuid slug: type: string projectMembershipId: type: string format: uuid isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - slug - projectMembershipId - permissions - createdAt - updatedAt additionalProperties: false required: - privilege additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - Identity Specific Privileges description: Delete a specific privilege of an identity. requestBody: required: true content: application/json: schema: type: object properties: privilegeSlug: type: string minLength: 1 description: The slug of the privilege to delete. identityId: type: string minLength: 1 description: The ID of the machine identity to delete. projectSlug: type: string minLength: 1 description: The slug of the project of the identity in. required: - privilegeSlug - identityId - projectSlug additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: privilege: type: object properties: id: type: string format: uuid slug: type: string projectMembershipId: type: string format: uuid isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - slug - projectMembershipId - permissions - createdAt - updatedAt additionalProperties: false required: - privilege additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: tags: - Identity Specific Privileges description: List of a specific privilege of an identity in a project. parameters: - schema: type: string minLength: 1 in: query name: identityId required: true description: The ID of the machine identity to list. - schema: type: string minLength: 1 in: query name: projectSlug required: true description: The slug of the project of the identity in. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: privileges: type: array items: type: object properties: id: type: string format: uuid slug: type: string projectMembershipId: type: string format: uuid isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - slug - projectMembershipId - permissions - createdAt - updatedAt additionalProperties: false required: - privileges additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/additional-privilege/identity/{privilegeSlug}: get: tags: - Identity Specific Privileges description: Retrieve details of a specific privilege by privilege slug. parameters: - schema: type: string minLength: 1 in: query name: identityId required: true description: The ID of the machine identity to list. - schema: type: string minLength: 1 in: query name: projectSlug required: true description: The slug of the project of the identity in. - schema: type: string minLength: 1 in: path name: privilegeSlug required: true description: The slug of the privilege. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: privilege: type: object properties: id: type: string format: uuid slug: type: string projectMembershipId: type: string format: uuid isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - slug - projectMembershipId - permissions - createdAt - updatedAt additionalProperties: false required: - privilege additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/identity-templates: post: description: Create identity auth template requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 authMethod: type: string enum: - ldap templateFields: type: object properties: url: type: string minLength: 1 bindDN: type: string minLength: 1 bindPass: type: string minLength: 1 searchBase: type: string minLength: 1 ldapCaCertificate: type: string required: - url - bindDN - bindPass - searchBase additionalProperties: false required: - name - authMethod - templateFields additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid templateFields: type: object additionalProperties: {} orgId: type: string format: uuid name: type: string authMethod: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - templateFields - orgId - name - authMethod - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: description: Get identity auth templates by authentication method parameters: - schema: type: string enum: - ldap in: query name: authMethod required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: id: type: string format: uuid templateFields: type: object properties: url: type: string minLength: 1 bindDN: type: string minLength: 1 bindPass: type: string minLength: 1 searchBase: type: string minLength: 1 ldapCaCertificate: type: string required: - url - bindDN - bindPass - searchBase additionalProperties: false orgId: type: string format: uuid name: type: string authMethod: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - templateFields - orgId - name - authMethod - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/identity-templates/{templateId}: patch: description: Update identity auth template requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 templateFields: type: object properties: url: type: string minLength: 1 bindDN: type: string minLength: 1 bindPass: type: string minLength: 1 searchBase: type: string minLength: 1 ldapCaCertificate: type: string additionalProperties: false additionalProperties: false parameters: - schema: type: string minLength: 1 in: path name: templateId required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid templateFields: type: object additionalProperties: {} orgId: type: string format: uuid name: type: string authMethod: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - templateFields - orgId - name - authMethod - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: description: Delete identity auth template parameters: - schema: type: string minLength: 1 in: path name: templateId required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: description: Get identity auth template by ID parameters: - schema: type: string minLength: 1 in: path name: templateId required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid templateFields: type: object properties: url: type: string minLength: 1 bindDN: type: string minLength: 1 bindPass: type: string minLength: 1 searchBase: type: string minLength: 1 ldapCaCertificate: type: string required: - url - bindDN - bindPass - searchBase additionalProperties: false orgId: type: string format: uuid name: type: string authMethod: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - templateFields - orgId - name - authMethod - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/identity-templates/search: get: description: List identity auth templates parameters: - schema: type: number exclusiveMinimum: true minimum: 0 maximum: 100 default: 5 in: query name: limit required: false - schema: type: number minimum: 0 default: 0 in: query name: offset required: false - schema: type: string in: query name: search required: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: templates: type: array items: type: object properties: id: type: string format: uuid templateFields: type: object properties: url: type: string minLength: 1 bindDN: type: string minLength: 1 bindPass: type: string minLength: 1 searchBase: type: string minLength: 1 ldapCaCertificate: type: string required: - url - bindDN - bindPass - searchBase additionalProperties: false orgId: type: string format: uuid name: type: string authMethod: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - templateFields - orgId - name - authMethod - createdAt - updatedAt additionalProperties: false totalCount: type: number required: - templates - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/identity-templates/{templateId}/usage: get: description: Get template usage by template ID parameters: - schema: type: string in: path name: templateId required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: identityId: type: string identityName: type: string required: - identityId - identityName additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/identity-templates/{templateId}/delete-usage: post: description: Unlink identity auth template usage requestBody: required: true content: application/json: schema: type: object properties: identityIds: type: array items: type: string required: - identityIds additionalProperties: false parameters: - schema: type: string in: path name: templateId required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: authId: type: string identityId: type: string identityName: type: string required: - authId - identityId - identityName additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/project-templates: get: tags: - Project Templates description: List project templates for the current organization. parameters: - schema: type: string enum: - secret-manager - cert-manager - kms - ssh - secret-scanning - pam - ai in: query name: type required: false description: The type of project template to list. responses: '200': description: Default Response content: application/json: schema: type: object properties: projectTemplates: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true roles: type: array items: type: object properties: name: type: string minLength: 1 slug: type: string minLength: 1 maxLength: 64 permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false required: - name - slug - permissions additionalProperties: false environments: type: array items: type: object properties: name: type: string minLength: 1 slug: type: string minLength: 1 maxLength: 64 position: type: number minimum: 1 required: - name - slug - position additionalProperties: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time type: type: string default: secret-manager projectManagedIdentities: type: array items: type: object properties: name: type: string minLength: 1 roles: type: array items: type: string required: - name - roles additionalProperties: false nullable: true users: type: array items: type: object properties: username: type: string minLength: 1 roles: type: array items: type: string required: - username - roles additionalProperties: false nullable: true groups: type: array items: type: object properties: groupSlug: type: string roles: type: array items: type: string required: - groupSlug - roles additionalProperties: false nullable: true identities: type: array items: type: object properties: identityId: type: string format: uuid identityName: type: string roles: type: array items: type: string required: - identityId - identityName - roles additionalProperties: false nullable: true required: - id - name - roles - environments - orgId - createdAt - updatedAt - projectManagedIdentities - users - groups - identities additionalProperties: false required: - projectTemplates additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - Project Templates description: Create a project template. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the project template to be created. Must be slug-friendly. description: type: string maxLength: 256 description: An optional description of the project template. roles: type: array items: type: object properties: name: type: string minLength: 1 slug: type: string minLength: 1 maxLength: 64 permissions: type: array items: anyOf: - type: object properties: subject: type: string enum: - secrets description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - describeSecret - readValue - create - edit - delete - type: array items: type: string enum: - read - describeSecret - readValue - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretTags: type: object properties: $in: type: array items: type: string minLength: 1 $all: type: array items: type: string minLength: 1 additionalProperties: false eventType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-folders description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-imports description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - dynamic-secrets description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read-root-credential - create-root-credential - edit-root-credential - delete-root-credential - lease - type: array items: type: string enum: - read-root-credential - create-root-credential - edit-root-credential - delete-root-credential - lease minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - identity description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - revoke-auth - create-token - get-token - delete-token - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - revoke-auth - create-token - get-token - delete-token minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: identityId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableSubject: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableAction: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-hosts description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-host-cert - type: array items: type: string enum: - read - create - edit - delete - issue-host-cert minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: hostname: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-subscribers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - list-certs - type: array items: type: string enum: - read - create - edit - delete - issue-cert - list-certs minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - list-certs - type: array items: type: string enum: - read - create - edit - delete - issue-cert - list-certs minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-rotation description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - read-generated-credentials - create - edit - delete - rotate-secrets - type: array items: type: string enum: - read - read-generated-credentials - create - edit - delete - rotate-secrets minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-syncs description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - sync-secrets - import-secrets - remove-secrets - type: array items: type: string enum: - read - create - edit - delete - sync-secrets - import-secrets - remove-secrets minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-syncs description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - sync-certificates - import-certificates - remove-certificates - type: array items: type: string enum: - read - create - edit - delete - sync-certificates - import-certificates - remove-certificates minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false subscriberName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-event-subscriptions description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - subscribe-to-creation-events - subscribe-to-update-events - subscribe-to-deletion-events - subscribe-to-import-mutation-events - type: array items: type: string enum: - subscribe-to-creation-events - subscribe-to-update-events - subscribe-to-deletion-events - subscribe-to-import-mutation-events minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-profiles description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - reveal-acme-eab-secret - rotate-acme-eab-secret - manage-application-attachments - type: array items: type: string enum: - read - create - edit - delete - issue-cert - reveal-acme-eab-secret - rotate-acme-eab-secret - manage-application-attachments minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: slug: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-policies description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-authorities description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - issue-ca-certificate - sign-intermediate - type: array items: type: string enum: - read - create - edit - delete - issue-ca-certificate - sign-intermediate minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificates description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - read-private-key - import - type: array items: type: string enum: - read - create - edit - delete - read-private-key - import minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: commonName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false altNames: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false serialNumber: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false friendlyName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false status: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-approval description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-rollback description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - type: array items: type: string enum: - read - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - member description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: userEmail: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableSubject: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableAction: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - groups description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: groupName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - role description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - integrations description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - webhooks description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - service-tokens description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - settings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - environments description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - tags description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - audit-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - insights description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ip-allowlist description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificate-authorities description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificate-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-host-groups description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-alerts description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-collections description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-inventory-views description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-discovery description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - run-scan - type: array items: type: string enum: - read - create - edit - delete - run-scan minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-certificate-installations description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - edit - delete - type: array items: type: string enum: - read - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - code-signers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - sign - type: array items: type: string enum: - read - create - edit - delete - sign minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - workspace description: The entity this permission pertains to. action: anyOf: - type: string enum: - edit - delete - type: array items: type: string enum: - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kms description: The entity this permission pertains to. action: anyOf: - type: string enum: - edit - type: array items: type: string enum: - edit minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - cmek description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - encrypt - decrypt - sign - verify - export-private-key - type: array items: type: string enum: - read - create - edit - delete - encrypt - decrypt - sign - verify - export-private-key minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kmip description: The entity this permission pertains to. action: anyOf: - type: string enum: - create-clients - update-clients - delete-clients - read-clients - generate-client-certificates - type: array items: type: string enum: - create-clients - update-clients - delete-clients - read-clients - generate-client-certificates minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - commits description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - perform-rollback - type: array items: type: string enum: - read - perform-rollback minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-data-sources description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-data-sources - create-data-sources - edit-data-sources - delete-data-sources - trigger-data-source-scans - read-data-source-scans - read-data-source-resources - type: array items: type: string enum: - read-data-sources - create-data-sources - edit-data-sources - delete-data-sources - trigger-data-source-scans - read-data-source-scans - read-data-source-resources minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-findings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-findings - update-findings - type: array items: type: string enum: - read-findings - update-findings minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-configs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-configs - update-configs - type: array items: type: string enum: - read-configs - update-configs minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - app-connections description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read-app-connections - create-app-connections - edit-app-connections - delete-app-connections - connect-app-connections - rotate-credentials - type: array items: type: string enum: - read-app-connections - create-app-connections - edit-app-connections - delete-app-connections - connect-app-connections - rotate-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-folders description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-resources description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false resourceType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-domains description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given domain. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-accounts description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - access - read - create - edit - delete - trigger-rotation - read-credentials - type: array items: type: string enum: - access - read - create - edit - delete - trigger-rotation - read-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: resourceName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false accountName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false resourceType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-sessions description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - terminate - type: array items: type: string enum: - read - terminate minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-account-policies description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-discovery description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - run-scan - type: array items: type: string enum: - read - create - edit - delete - run-scan minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-insights description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-endpoints description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - connect - type: array items: type: string enum: - read - create - edit - delete - connect minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-servers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-activity-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - honey-tokens description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - read-credentials - create - edit - reset - revoke - type: array items: type: string enum: - read - read-credentials - create - edit - reset - revoke minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - approval-requests description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - type: array items: type: string enum: - read - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - approval-request-grants description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - revoke - type: array items: type: string enum: - read - revoke minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-approval-request description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false required: - name - slug - permissions additionalProperties: false default: [] description: The roles to be created when the template is applied to a project. type: type: string enum: - secret-manager - cert-manager - kms - ssh - secret-scanning - pam - ai description: The type of project template to be created. environments: type: array items: type: object properties: name: type: string minLength: 1 slug: type: string minLength: 1 maxLength: 64 position: type: number minimum: 1 required: - name - slug - position additionalProperties: false nullable: true description: The environments to be created when the template is applied to a project. users: type: array items: type: object properties: username: type: string minLength: 1 roles: type: array items: type: string minLength: 1 minItems: 1 required: - username - roles additionalProperties: false default: [] description: The users to be automatically added to projects created from this template. Each user is identified by username and assigned one or more roles. groups: type: array items: type: object properties: groupSlug: type: string minLength: 1 roles: type: array items: type: string minLength: 1 minItems: 1 required: - groupSlug - roles additionalProperties: false default: [] description: The groups to be automatically added to projects created from this template. Each group is identified by slug and assigned one or more roles. identities: type: array items: type: object properties: identityId: type: string format: uuid roles: type: array items: type: string minLength: 1 minItems: 1 required: - identityId - roles additionalProperties: false default: [] description: The organization-owned identities to be automatically added to projects created from this template. Each identity is identified by ID and assigned one or more roles. projectManagedIdentities: type: array items: type: object properties: name: type: string minLength: 1 roles: type: array items: type: string minLength: 1 minItems: 1 required: - name - roles additionalProperties: false default: [] description: The project-owned identities to be automatically created for projects created from this template. Each identity is identified by name and assigned one or more roles. required: - name - type additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: projectTemplate: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true roles: type: array items: type: object properties: name: type: string minLength: 1 slug: type: string minLength: 1 maxLength: 64 permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false required: - name - slug - permissions additionalProperties: false environments: type: array items: type: object properties: name: type: string minLength: 1 slug: type: string minLength: 1 maxLength: 64 position: type: number minimum: 1 required: - name - slug - position additionalProperties: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time type: type: string default: secret-manager projectManagedIdentities: type: array items: type: object properties: name: type: string minLength: 1 roles: type: array items: type: string required: - name - roles additionalProperties: false nullable: true users: type: array items: type: object properties: username: type: string minLength: 1 roles: type: array items: type: string required: - username - roles additionalProperties: false nullable: true groups: type: array items: type: object properties: groupSlug: type: string roles: type: array items: type: string required: - groupSlug - roles additionalProperties: false nullable: true identities: type: array items: type: object properties: identityId: type: string format: uuid identityName: type: string roles: type: array items: type: string required: - identityId - identityName - roles additionalProperties: false nullable: true required: - id - name - roles - environments - orgId - createdAt - updatedAt - projectManagedIdentities - users - groups - identities additionalProperties: false required: - projectTemplate additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/project-templates/{templateId}: get: tags: - Project Templates description: Get a project template by ID. parameters: - schema: type: string format: uuid in: path name: templateId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: projectTemplate: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true roles: type: array items: type: object properties: name: type: string minLength: 1 slug: type: string minLength: 1 maxLength: 64 permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false required: - name - slug - permissions additionalProperties: false environments: type: array items: type: object properties: name: type: string minLength: 1 slug: type: string minLength: 1 maxLength: 64 position: type: number minimum: 1 required: - name - slug - position additionalProperties: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time type: type: string default: secret-manager projectManagedIdentities: type: array items: type: object properties: name: type: string minLength: 1 roles: type: array items: type: string required: - name - roles additionalProperties: false nullable: true users: type: array items: type: object properties: username: type: string minLength: 1 roles: type: array items: type: string required: - username - roles additionalProperties: false nullable: true groups: type: array items: type: object properties: groupSlug: type: string roles: type: array items: type: string required: - groupSlug - roles additionalProperties: false nullable: true identities: type: array items: type: object properties: identityId: type: string format: uuid identityName: type: string roles: type: array items: type: string required: - identityId - identityName - roles additionalProperties: false nullable: true required: - id - name - roles - environments - orgId - createdAt - updatedAt - projectManagedIdentities - users - groups - identities additionalProperties: false required: - projectTemplate additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - Project Templates description: Update a project template. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the project template. Must be slug-friendly. description: type: string maxLength: 256 description: The updated description of the project template. roles: type: array items: type: object properties: name: type: string minLength: 1 slug: type: string minLength: 1 maxLength: 64 permissions: type: array items: anyOf: - type: object properties: subject: type: string enum: - secrets description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - describeSecret - readValue - create - edit - delete - type: array items: type: string enum: - read - describeSecret - readValue - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretTags: type: object properties: $in: type: array items: type: string minLength: 1 $all: type: array items: type: string minLength: 1 additionalProperties: false eventType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-folders description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-imports description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - dynamic-secrets description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read-root-credential - create-root-credential - edit-root-credential - delete-root-credential - lease - type: array items: type: string enum: - read-root-credential - create-root-credential - edit-root-credential - delete-root-credential - lease minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - identity description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - revoke-auth - create-token - get-token - delete-token - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - revoke-auth - create-token - get-token - delete-token minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: identityId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableSubject: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableAction: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-hosts description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-host-cert - type: array items: type: string enum: - read - create - edit - delete - issue-host-cert minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: hostname: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-subscribers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - list-certs - type: array items: type: string enum: - read - create - edit - delete - issue-cert - list-certs minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - list-certs - type: array items: type: string enum: - read - create - edit - delete - issue-cert - list-certs minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-rotation description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - read-generated-credentials - create - edit - delete - rotate-secrets - type: array items: type: string enum: - read - read-generated-credentials - create - edit - delete - rotate-secrets minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-syncs description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - sync-secrets - import-secrets - remove-secrets - type: array items: type: string enum: - read - create - edit - delete - sync-secrets - import-secrets - remove-secrets minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-syncs description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - sync-certificates - import-certificates - remove-certificates - type: array items: type: string enum: - read - create - edit - delete - sync-certificates - import-certificates - remove-certificates minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false subscriberName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-event-subscriptions description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - subscribe-to-creation-events - subscribe-to-update-events - subscribe-to-deletion-events - subscribe-to-import-mutation-events - type: array items: type: string enum: - subscribe-to-creation-events - subscribe-to-update-events - subscribe-to-deletion-events - subscribe-to-import-mutation-events minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-profiles description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - reveal-acme-eab-secret - rotate-acme-eab-secret - manage-application-attachments - type: array items: type: string enum: - read - create - edit - delete - issue-cert - reveal-acme-eab-secret - rotate-acme-eab-secret - manage-application-attachments minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: slug: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-policies description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-authorities description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - issue-ca-certificate - sign-intermediate - type: array items: type: string enum: - read - create - edit - delete - issue-ca-certificate - sign-intermediate minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificates description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - read-private-key - import - type: array items: type: string enum: - read - create - edit - delete - read-private-key - import minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: commonName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false altNames: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false serialNumber: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false friendlyName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false status: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-approval description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-rollback description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - type: array items: type: string enum: - read - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - member description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: userEmail: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableSubject: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableAction: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - groups description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: groupName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - role description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - integrations description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - webhooks description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - service-tokens description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - settings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - environments description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - tags description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - audit-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - insights description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ip-allowlist description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificate-authorities description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificate-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-host-groups description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-alerts description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-collections description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-inventory-views description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-discovery description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - run-scan - type: array items: type: string enum: - read - create - edit - delete - run-scan minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-certificate-installations description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - edit - delete - type: array items: type: string enum: - read - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - code-signers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - sign - type: array items: type: string enum: - read - create - edit - delete - sign minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - workspace description: The entity this permission pertains to. action: anyOf: - type: string enum: - edit - delete - type: array items: type: string enum: - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kms description: The entity this permission pertains to. action: anyOf: - type: string enum: - edit - type: array items: type: string enum: - edit minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - cmek description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - encrypt - decrypt - sign - verify - export-private-key - type: array items: type: string enum: - read - create - edit - delete - encrypt - decrypt - sign - verify - export-private-key minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kmip description: The entity this permission pertains to. action: anyOf: - type: string enum: - create-clients - update-clients - delete-clients - read-clients - generate-client-certificates - type: array items: type: string enum: - create-clients - update-clients - delete-clients - read-clients - generate-client-certificates minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - commits description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - perform-rollback - type: array items: type: string enum: - read - perform-rollback minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-data-sources description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-data-sources - create-data-sources - edit-data-sources - delete-data-sources - trigger-data-source-scans - read-data-source-scans - read-data-source-resources - type: array items: type: string enum: - read-data-sources - create-data-sources - edit-data-sources - delete-data-sources - trigger-data-source-scans - read-data-source-scans - read-data-source-resources minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-findings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-findings - update-findings - type: array items: type: string enum: - read-findings - update-findings minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-configs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-configs - update-configs - type: array items: type: string enum: - read-configs - update-configs minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - app-connections description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read-app-connections - create-app-connections - edit-app-connections - delete-app-connections - connect-app-connections - rotate-credentials - type: array items: type: string enum: - read-app-connections - create-app-connections - edit-app-connections - delete-app-connections - connect-app-connections - rotate-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-folders description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-resources description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false resourceType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-domains description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given domain. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-accounts description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - access - read - create - edit - delete - trigger-rotation - read-credentials - type: array items: type: string enum: - access - read - create - edit - delete - trigger-rotation - read-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: resourceName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false accountName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false resourceType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-sessions description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - terminate - type: array items: type: string enum: - read - terminate minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-account-policies description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-discovery description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - run-scan - type: array items: type: string enum: - read - create - edit - delete - run-scan minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-insights description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-endpoints description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - connect - type: array items: type: string enum: - read - create - edit - delete - connect minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-servers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-activity-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - honey-tokens description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - read-credentials - create - edit - reset - revoke - type: array items: type: string enum: - read - read-credentials - create - edit - reset - revoke minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - approval-requests description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - type: array items: type: string enum: - read - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - approval-request-grants description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - revoke - type: array items: type: string enum: - read - revoke minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-approval-request description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false required: - name - slug - permissions additionalProperties: false description: The updated roles to be created when the template is applied to a project. environments: type: array items: type: object properties: name: type: string minLength: 1 slug: type: string minLength: 1 maxLength: 64 position: type: number minimum: 1 required: - name - slug - position additionalProperties: false nullable: true description: The updated environments to be created when the template is applied to a project. users: type: array items: type: object properties: username: type: string minLength: 1 roles: type: array items: type: string minLength: 1 minItems: 1 required: - username - roles additionalProperties: false nullable: true description: The updated users to be automatically added to projects created from this template. Each user is identified by username and assigned one or more roles. groups: type: array items: type: object properties: groupSlug: type: string minLength: 1 roles: type: array items: type: string minLength: 1 minItems: 1 required: - groupSlug - roles additionalProperties: false nullable: true description: The updated groups to be automatically added to projects created from this template. Each group is identified by slug and assigned one or more roles. identities: type: array items: type: object properties: identityId: type: string format: uuid roles: type: array items: type: string minLength: 1 minItems: 1 required: - identityId - roles additionalProperties: false nullable: true description: The updated organization-owned identities to be automatically added to projects created from this template. Each identity is identified by ID and assigned one or more roles. projectManagedIdentities: type: array items: type: object properties: name: type: string minLength: 1 roles: type: array items: type: string minLength: 1 minItems: 1 required: - name - roles additionalProperties: false nullable: true description: The updated project-owned identities to be automatically created for projects created from this template. Each identity is identified by name and assigned one or more roles. additionalProperties: false parameters: - schema: type: string format: uuid in: path name: templateId required: true description: The ID of the project template to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: projectTemplate: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true roles: type: array items: type: object properties: name: type: string minLength: 1 slug: type: string minLength: 1 maxLength: 64 permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false required: - name - slug - permissions additionalProperties: false environments: type: array items: type: object properties: name: type: string minLength: 1 slug: type: string minLength: 1 maxLength: 64 position: type: number minimum: 1 required: - name - slug - position additionalProperties: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time type: type: string default: secret-manager projectManagedIdentities: type: array items: type: object properties: name: type: string minLength: 1 roles: type: array items: type: string required: - name - roles additionalProperties: false nullable: true users: type: array items: type: object properties: username: type: string minLength: 1 roles: type: array items: type: string required: - username - roles additionalProperties: false nullable: true groups: type: array items: type: object properties: groupSlug: type: string roles: type: array items: type: string required: - groupSlug - roles additionalProperties: false nullable: true identities: type: array items: type: object properties: identityId: type: string format: uuid identityName: type: string roles: type: array items: type: string required: - identityId - identityName - roles additionalProperties: false nullable: true required: - id - name - roles - environments - orgId - createdAt - updatedAt - projectManagedIdentities - users - groups - identities additionalProperties: false required: - projectTemplate additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - Project Templates description: Delete a project template. parameters: - schema: type: string format: uuid in: path name: templateId required: true description: The ID of the project template to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: projectTemplate: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true roles: type: array items: type: object properties: name: type: string minLength: 1 slug: type: string minLength: 1 maxLength: 64 permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false required: - name - slug - permissions additionalProperties: false environments: type: array items: type: object properties: name: type: string minLength: 1 slug: type: string minLength: 1 maxLength: 64 position: type: number minimum: 1 required: - name - slug - position additionalProperties: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time type: type: string default: secret-manager projectManagedIdentities: type: array items: type: object properties: name: type: string minLength: 1 roles: type: array items: type: string required: - name - roles additionalProperties: false nullable: true users: type: array items: type: object properties: username: type: string minLength: 1 roles: type: array items: type: string required: - username - roles additionalProperties: false nullable: true groups: type: array items: type: object properties: groupSlug: type: string roles: type: array items: type: string required: - groupSlug - roles additionalProperties: false nullable: true identities: type: array items: type: object properties: identityId: type: string format: uuid identityName: type: string roles: type: array items: type: string required: - identityId - identityName - roles additionalProperties: false nullable: true required: - id - name - roles - environments - orgId - createdAt - updatedAt - projectManagedIdentities - users - groups - identities additionalProperties: false required: - projectTemplate additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/token-auth/identities/{identityId}: post: operationId: attachTokenAuth tags: - Token Auth description: Attach Token Auth configuration onto machine identity requestBody: required: true content: application/json: schema: type: object properties: accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The maximum number of times that an access token can be used. additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to attach the configuration onto. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityTokenAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId additionalProperties: false required: - identityTokenAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateTokenAuth tags: - Token Auth description: Update Token Auth configuration on machine identity requestBody: required: true content: application/json: schema: type: object properties: accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 description: The new IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 description: The new lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 description: The new maximum number of times that an access token can be used. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 description: The new maximum lifetime for an access token in seconds. additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityTokenAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId additionalProperties: false required: - identityTokenAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getTokenAuth tags: - Token Auth description: Retrieve Token Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to retrieve the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityTokenAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId additionalProperties: false required: - identityTokenAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteTokenAuth tags: - Token Auth description: Delete Token Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to revoke the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityTokenAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId additionalProperties: false required: - identityTokenAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/token-auth/identities/{identityId}/tokens: post: operationId: createTokenAuthToken tags: - Token Auth description: Create token for machine identity with Token Auth requestBody: required: true content: application/json: schema: type: object properties: name: type: string description: The name of the token to create. organizationSlug: type: string minLength: 1 maxLength: 64 description: The sub organization name to scope the token to. additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to create the token for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: accessToken: type: string expiresIn: type: number accessTokenMaxTTL: type: number tokenType: type: string enum: - Bearer tokenData: type: object properties: id: type: string accessTokenTTL: type: number default: 2592000 accessTokenMaxTTL: type: number default: 2592000 accessTokenNumUses: type: number default: 0 accessTokenNumUsesLimit: type: number default: 0 accessTokenLastUsedAt: type: string format: date-time nullable: true accessTokenLastRenewedAt: type: string format: date-time nullable: true isAccessTokenRevoked: type: boolean default: false identityUAClientSecretId: type: string nullable: true identityId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time name: type: string nullable: true authMethod: type: string accessTokenPeriod: type: number default: 0 subOrganizationId: type: string format: uuid nullable: true required: - id - identityId - createdAt - updatedAt - authMethod additionalProperties: false required: - accessToken - expiresIn - accessTokenMaxTTL - tokenType - tokenData additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getTokenAuthTokens tags: - Token Auth description: Get tokens for machine identity with Token Auth parameters: - schema: type: number minimum: 0 maximum: 100 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th token. - schema: type: number minimum: 1 maximum: 100 default: 20 in: query name: limit required: false description: The number of tokens to return. - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to list token metadata for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: tokens: type: array items: type: object properties: id: type: string accessTokenTTL: type: number default: 2592000 accessTokenMaxTTL: type: number default: 2592000 accessTokenNumUses: type: number default: 0 accessTokenNumUsesLimit: type: number default: 0 accessTokenLastUsedAt: type: string format: date-time nullable: true accessTokenLastRenewedAt: type: string format: date-time nullable: true isAccessTokenRevoked: type: boolean default: false identityUAClientSecretId: type: string nullable: true identityId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time name: type: string nullable: true authMethod: type: string accessTokenPeriod: type: number default: 0 subOrganizationId: type: string format: uuid nullable: true required: - id - identityId - createdAt - updatedAt - authMethod additionalProperties: false required: - tokens additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/token-auth/tokens/{tokenId}: get: operationId: getTokenAuthTokenById tags: - Token Auth description: Get token for machine identity with Token Auth parameters: - schema: type: string in: path name: tokenId required: true description: The ID of the token to get metadata for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: token: type: object properties: id: type: string accessTokenTTL: type: number default: 2592000 accessTokenMaxTTL: type: number default: 2592000 accessTokenNumUses: type: number default: 0 accessTokenNumUsesLimit: type: number default: 0 accessTokenLastUsedAt: type: string format: date-time nullable: true accessTokenLastRenewedAt: type: string format: date-time nullable: true isAccessTokenRevoked: type: boolean default: false identityUAClientSecretId: type: string nullable: true identityId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time name: type: string nullable: true authMethod: type: string accessTokenPeriod: type: number default: 0 subOrganizationId: type: string format: uuid nullable: true required: - id - identityId - createdAt - updatedAt - authMethod additionalProperties: false required: - token additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateTokenAuthToken tags: - Token Auth description: Update token for machine identity with Token Auth requestBody: required: true content: application/json: schema: type: object properties: name: type: string description: The name of the token to update to. additionalProperties: false parameters: - schema: type: string in: path name: tokenId required: true description: The ID of the token to update metadata for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: token: type: object properties: id: type: string accessTokenTTL: type: number default: 2592000 accessTokenMaxTTL: type: number default: 2592000 accessTokenNumUses: type: number default: 0 accessTokenNumUsesLimit: type: number default: 0 accessTokenLastUsedAt: type: string format: date-time nullable: true accessTokenLastRenewedAt: type: string format: date-time nullable: true isAccessTokenRevoked: type: boolean default: false identityUAClientSecretId: type: string nullable: true identityId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time name: type: string nullable: true authMethod: type: string accessTokenPeriod: type: number default: 0 subOrganizationId: type: string format: uuid nullable: true required: - id - identityId - createdAt - updatedAt - authMethod additionalProperties: false required: - token additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/token-auth/tokens/{tokenId}/revoke: post: operationId: revokeTokenAuthToken tags: - Token Auth description: Revoke token for machine identity with Token Auth parameters: - schema: type: string in: path name: tokenId required: true description: The ID of the token to revoke. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/universal-auth/login: post: operationId: loginWithUniversalAuth tags: - Universal Auth description: Login with Universal Auth for machine identity requestBody: required: true content: application/json: schema: type: object properties: clientId: type: string description: Your Machine Identity Client ID. clientSecret: type: string description: Your Machine Identity Client Secret. organizationSlug: type: string minLength: 1 maxLength: 64 description: When set, this will scope the login session to the specified organization the machine identity has access to. If omitted, the session defaults to the organization where the machine identity was created in. required: - clientId - clientSecret additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: accessToken: type: string expiresIn: type: number accessTokenMaxTTL: type: number tokenType: type: string enum: - Bearer required: - accessToken - expiresIn - accessTokenMaxTTL - tokenType additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/universal-auth/identities/{identityId}: post: operationId: attachUniversalAuth tags: - Universal Auth description: Attach Universal Auth configuration onto machine identity requestBody: required: true content: application/json: schema: type: object properties: clientSecretTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: A list of IPs or CIDR ranges that the Client Secret can be used from together with the Client ID to get back an access token. You can use 0.0.0.0/0, to allow usage from any network address. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: A list of IPs or CIDR ranges that access tokens can be used from. You can use 0.0.0.0/0, to allow usage from any network address. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The lifetime for an access token in seconds. This value will be referenced at renewal time. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The maximum lifetime for an access token in seconds. This value will be referenced at renewal time. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The maximum number of times that an access token can be used; a value of 0 implies infinite number of uses. accessTokenPeriod: type: integer minimum: 0 default: 0 description: The period for an access token in seconds. This value will be referenced at renewal time. Default value is 0. lockoutEnabled: type: boolean default: true description: Whether the lockout feature is enabled. lockoutThreshold: type: number minimum: 1 maximum: 30 default: 3 description: The amount of times login must fail before locking the identity auth method. lockoutDurationSeconds: type: number minimum: 30 maximum: 86400 default: 300 description: How long an identity auth method lockout lasts. lockoutCounterResetSeconds: type: number minimum: 5 maximum: 3600 default: 30 description: How long to wait from the most recent failed login until resetting the lockout counter. additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to attach the configuration onto. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityUniversalAuth: type: object properties: id: type: string format: uuid clientId: type: string accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 clientSecretTrustedIps: {} accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid accessTokenPeriod: type: number default: 0 lockoutEnabled: type: boolean default: true lockoutThreshold: type: number default: 3 lockoutDurationSeconds: type: number default: 300 lockoutCounterResetSeconds: type: number default: 30 required: - id - clientId - createdAt - updatedAt - identityId additionalProperties: false required: - identityUniversalAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateUniversalAuth tags: - Universal Auth description: Update Universal Auth configuration on machine identity requestBody: required: true content: application/json: schema: type: object properties: clientSecretTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 description: The new list of IPs or CIDR ranges that the Client Secret can be used from. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 description: The new list of IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 description: The new lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 description: The new maximum number of times that an access token can be used. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 description: The new maximum lifetime for an access token in seconds. accessTokenPeriod: type: integer minimum: 0 maximum: 315360000 description: The new period for an access token in seconds. lockoutEnabled: type: boolean description: Whether the lockout feature is enabled. lockoutThreshold: type: number minimum: 1 maximum: 30 description: The amount of times login must fail before locking the identity auth method. lockoutDurationSeconds: type: number minimum: 30 maximum: 86400 description: How long an identity auth method lockout lasts. lockoutCounterResetSeconds: type: number minimum: 5 maximum: 3600 description: How long to wait from the most recent failed login until resetting the lockout counter. additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityUniversalAuth: type: object properties: id: type: string format: uuid clientId: type: string accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 clientSecretTrustedIps: {} accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid accessTokenPeriod: type: number default: 0 lockoutEnabled: type: boolean default: true lockoutThreshold: type: number default: 3 lockoutDurationSeconds: type: number default: 300 lockoutCounterResetSeconds: type: number default: 30 required: - id - clientId - createdAt - updatedAt - identityId additionalProperties: false required: - identityUniversalAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getUniversalAuth tags: - Universal Auth description: Retrieve Universal Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to retrieve the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityUniversalAuth: type: object properties: id: type: string format: uuid clientId: type: string accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 clientSecretTrustedIps: {} accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid accessTokenPeriod: type: number default: 0 lockoutEnabled: type: boolean default: true lockoutThreshold: type: number default: 3 lockoutDurationSeconds: type: number default: 300 lockoutCounterResetSeconds: type: number default: 30 required: - id - clientId - createdAt - updatedAt - identityId additionalProperties: false required: - identityUniversalAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteUniversalAuth tags: - Universal Auth description: Delete Universal Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to revoke the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityUniversalAuth: type: object properties: id: type: string format: uuid clientId: type: string accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 clientSecretTrustedIps: {} accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid accessTokenPeriod: type: number default: 0 lockoutEnabled: type: boolean default: true lockoutThreshold: type: number default: 3 lockoutDurationSeconds: type: number default: 300 lockoutCounterResetSeconds: type: number default: 30 required: - id - clientId - createdAt - updatedAt - identityId additionalProperties: false required: - identityUniversalAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/universal-auth/identities/{identityId}/client-secrets: post: operationId: createUniversalAuthClientSecret tags: - Universal Auth description: Create Universal Auth Client Secret for machine identity requestBody: required: true content: application/json: schema: type: object properties: description: type: string default: '' description: The description of the client secret. numUsesLimit: type: number minimum: 0 default: 0 description: The maximum number of times that the client secret can be used; a value of 0 implies infinite number of uses. ttl: type: number minimum: 0 maximum: 315360000 default: 0 description: The lifetime for the client secret in seconds. additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to create a client secret for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: clientSecret: type: string clientSecretData: type: object properties: id: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time description: type: string clientSecretPrefix: type: string clientSecretNumUses: type: number default: 0 clientSecretNumUsesLimit: type: number default: 0 clientSecretTTL: type: number default: 0 identityUAId: type: string format: uuid isClientSecretRevoked: type: boolean default: false required: - id - createdAt - updatedAt - description - clientSecretPrefix - identityUAId additionalProperties: false required: - clientSecret - clientSecretData additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listUniversalAuthClientSecrets tags: - Universal Auth description: List Universal Auth Client Secrets for machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to list client secrets for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: clientSecretData: type: array items: type: object properties: id: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time description: type: string clientSecretPrefix: type: string clientSecretNumUses: type: number default: 0 clientSecretNumUsesLimit: type: number default: 0 clientSecretTTL: type: number default: 0 identityUAId: type: string format: uuid isClientSecretRevoked: type: boolean default: false required: - id - createdAt - updatedAt - description - clientSecretPrefix - identityUAId additionalProperties: false required: - clientSecretData additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/universal-auth/identities/{identityId}/client-secrets/{clientSecretId}: get: operationId: getUniversalAuthClientSecret tags: - Universal Auth description: Get Universal Auth Client Secret for machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to get the client secret from. - schema: type: string in: path name: clientSecretId required: true description: The ID of the client secret to get details. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: clientSecretData: type: object properties: id: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time description: type: string clientSecretPrefix: type: string clientSecretNumUses: type: number default: 0 clientSecretNumUsesLimit: type: number default: 0 clientSecretTTL: type: number default: 0 identityUAId: type: string format: uuid isClientSecretRevoked: type: boolean default: false required: - id - createdAt - updatedAt - description - clientSecretPrefix - identityUAId additionalProperties: false required: - clientSecretData additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/universal-auth/identities/{identityId}/client-secrets/{clientSecretId}/revoke: post: operationId: revokeUniversalAuthClientSecret tags: - Universal Auth description: Revoke Universal Auth Client Secrets for machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to revoke the client secret from. - schema: type: string in: path name: clientSecretId required: true description: The ID of the client secret to revoke. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: clientSecretData: type: object properties: id: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time description: type: string clientSecretPrefix: type: string clientSecretNumUses: type: number default: 0 clientSecretNumUsesLimit: type: number default: 0 clientSecretTTL: type: number default: 0 identityUAId: type: string format: uuid isClientSecretRevoked: type: boolean default: false required: - id - createdAt - updatedAt - description - clientSecretPrefix - identityUAId additionalProperties: false required: - clientSecretData additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/universal-auth/identities/{identityId}/clear-lockouts: post: operationId: clearUniversalAuthLockouts tags: - Universal Auth description: Clear Universal Auth Lockouts for machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to clear the client lockouts from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: deleted: type: number required: - deleted additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/kubernetes-auth/login: post: operationId: loginWithKubernetesAuth tags: - Kubernetes Auth description: Login with Kubernetes Auth for machine identity requestBody: required: true content: application/json: schema: type: object properties: identityId: type: string description: The ID of the machine identity to login. jwt: type: string organizationSlug: type: string minLength: 1 maxLength: 64 description: When set, this will scope the login session to the specified organization the machine identity has access to. If omitted, the session defaults to the organization where the machine identity was created in. required: - identityId - jwt additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: accessToken: type: string expiresIn: type: number accessTokenMaxTTL: type: number tokenType: type: string enum: - Bearer required: - accessToken - expiresIn - accessTokenMaxTTL - tokenType additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/kubernetes-auth/identities/{identityId}: post: operationId: attachKubernetesAuth tags: - Kubernetes Auth description: Attach Kubernetes Auth configuration onto machine identity requestBody: required: true content: application/json: schema: type: object properties: kubernetesHost: type: string minLength: 1 nullable: true description: The host string, host:port pair, or URL to the base of the Kubernetes API server. caCert: type: string description: The PEM-encoded CA certificate used to validate the Kubernetes API server's TLS certificate. Required when verifyTlsCertificate is true. Supplying a non-empty caCert always implies verifyTlsCertificate=true; explicitly setting the toggle to false in the same request is rejected. verifyTlsCertificate: type: boolean description: Whether to verify the Kubernetes API server's TLS certificate against the configured CA certificate. When true, caCert is required. When false, the connection is still over HTTPS but the API server's certificate is not verified, and caCert must be empty. If omitted, defaults to true when caCert is provided and false otherwise. tokenReviewerJwt: type: string description: Optional JWT token for accessing Kubernetes TokenReview API. If provided, this long-lived token will be used to validate service account tokens during authentication. If omitted, the client's own JWT will be used instead, which requires the client to have the system:auth-delegator ClusterRole binding. tokenReviewMode: type: string enum: - api - gateway default: api description: 'The mode to use for token review. Must be one of: ''api'', ''gateway''. If gateway is selected, the gateway must be deployed in Kubernetes, and the gateway must have the system:auth-delegator ClusterRole binding.' allowedNamespaces: type: string description: The comma-separated list of trusted namespaces that service accounts must belong to authenticate with Infisical. allowedNames: type: string description: The comma-separated list of trusted service account names that can authenticate with Infisical. allowedAudience: type: string description: The optional audience claim that the service account JWT token must have to authenticate with Infisical. gatewayId: type: string format: uuid nullable: true description: The ID of the gateway to use when performing kubernetes API requests. gatewayPoolId: type: string format: uuid nullable: true accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The maximum number of times that an access token can be used. required: - kubernetesHost - allowedNamespaces - allowedNames - allowedAudience additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to attach the configuration onto. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityKubernetesAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time tokenReviewMode: type: string default: api identityId: type: string format: uuid kubernetesHost: type: string nullable: true allowedNamespaces: type: string allowedNames: type: string allowedAudience: type: string gatewayId: type: string format: uuid nullable: true gatewayPoolId: type: string format: uuid nullable: true verifyTlsCertificate: type: boolean default: false caCert: type: string tokenReviewerJwt: type: string nullable: true required: - id - createdAt - updatedAt - identityId - allowedNamespaces - allowedNames - allowedAudience - caCert additionalProperties: false required: - identityKubernetesAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateKubernetesAuth tags: - Kubernetes Auth description: Update Kubernetes Auth configuration on machine identity requestBody: required: true content: application/json: schema: type: object properties: kubernetesHost: type: string minLength: 1 nullable: true description: The new host string, host:port pair, or URL to the base of the Kubernetes API server. caCert: type: string description: The new PEM-encoded CA certificate used to validate the Kubernetes API server's TLS certificate. Required when verifyTlsCertificate is true. Supplying a non-empty caCert always implies verifyTlsCertificate=true; the update is rejected if the resulting effective state would store a CA together with verifyTlsCertificate=false. verifyTlsCertificate: type: boolean description: Whether to verify the Kubernetes API server's TLS certificate against the configured CA certificate. When true, caCert is required. When false, the connection is still over HTTPS but the API server's certificate is not verified, and the resulting effective CA must be empty. If omitted while supplying a non-empty caCert in the same update, the toggle is auto-promoted to true; otherwise the stored value is preserved. tokenReviewerJwt: type: string nullable: true description: Optional JWT token for accessing Kubernetes TokenReview API. If provided, this long-lived token will be used to validate service account tokens during authentication. If omitted, the client's own JWT will be used instead, which requires the client to have the system:auth-delegator ClusterRole binding. tokenReviewMode: type: string enum: - api - gateway description: 'The mode to use for token review. Must be one of: ''api'', ''gateway''. If gateway is selected, the gateway must be deployed in Kubernetes, and the gateway must have the system:auth-delegator ClusterRole binding.' allowedNamespaces: type: string description: The new comma-separated list of trusted namespaces that service accounts must belong to authenticate with Infisical. allowedNames: type: string description: The new comma-separated list of trusted service account names that can authenticate with Infisical. allowedAudience: type: string description: The new optional audience claim that the service account JWT token must have to authenticate with Infisical. gatewayId: type: string format: uuid nullable: true description: The ID of the gateway to use when performing kubernetes API requests. gatewayPoolId: type: string format: uuid nullable: true accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 description: The new IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 description: The new lifetime for an acccess token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 description: The new maximum number of times that an access token can be used. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 description: The new maximum lifetime for an acccess token in seconds. additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityKubernetesAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time tokenReviewMode: type: string default: api identityId: type: string format: uuid kubernetesHost: type: string nullable: true allowedNamespaces: type: string allowedNames: type: string allowedAudience: type: string gatewayId: type: string format: uuid nullable: true gatewayPoolId: type: string format: uuid nullable: true verifyTlsCertificate: type: boolean default: false caCert: type: string tokenReviewerJwt: type: string nullable: true required: - id - createdAt - updatedAt - identityId - allowedNamespaces - allowedNames - allowedAudience - caCert additionalProperties: false required: - identityKubernetesAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getKubernetesAuth tags: - Kubernetes Auth description: Retrieve Kubernetes Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to retrieve the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityKubernetesAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time tokenReviewMode: type: string default: api identityId: type: string format: uuid kubernetesHost: type: string nullable: true allowedNamespaces: type: string allowedNames: type: string allowedAudience: type: string gatewayId: type: string format: uuid nullable: true gatewayPoolId: type: string format: uuid nullable: true verifyTlsCertificate: type: boolean default: false caCert: type: string tokenReviewerJwt: type: string nullable: true required: - id - createdAt - updatedAt - identityId - allowedNamespaces - allowedNames - allowedAudience - caCert additionalProperties: false required: - identityKubernetesAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteKubernetesAuth tags: - Kubernetes Auth description: Delete Kubernetes Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to revoke the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityKubernetesAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time tokenReviewMode: type: string default: api identityId: type: string format: uuid kubernetesHost: type: string nullable: true allowedNamespaces: type: string allowedNames: type: string allowedAudience: type: string gatewayId: type: string format: uuid nullable: true gatewayPoolId: type: string format: uuid nullable: true verifyTlsCertificate: type: boolean default: false required: - id - createdAt - updatedAt - identityId - allowedNamespaces - allowedNames - allowedAudience additionalProperties: false required: - identityKubernetesAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/gcp-auth/login: post: operationId: loginWithGcpAuth tags: - GCP Auth description: Login with GCP Auth for machine identity requestBody: required: true content: application/json: schema: type: object properties: identityId: type: string description: The ID of the machine identity to login. jwt: type: string organizationSlug: type: string minLength: 1 maxLength: 64 description: When set, this will scope the login session to the specified organization the machine identity has access to. If omitted, the session defaults to the organization where the machine identity was created in. required: - identityId - jwt additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: accessToken: type: string expiresIn: type: number accessTokenMaxTTL: type: number tokenType: type: string enum: - Bearer required: - accessToken - expiresIn - accessTokenMaxTTL - tokenType additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/gcp-auth/identities/{identityId}: post: operationId: attachGcpAuth tags: - GCP Auth description: Attach GCP Auth configuration onto machine identity requestBody: required: true content: application/json: schema: type: object properties: type: type: string enum: - iam - gce allowedServiceAccounts: type: string default: '' description: The comma-separated list of trusted service account emails corresponding to the GCE resource(s) allowed to authenticate with Infisical. allowedProjects: type: string default: '' description: The comma-separated list of trusted GCP projects that the GCE instance must belong to authenticate with Infisical. allowedZones: type: string default: '' description: The comma-separated list of trusted zones that the GCE instances must belong to authenticate with Infisical. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The maximum number of times that an access token can be used. required: - type additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to attach the configuration onto. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityGcpAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid type: type: string allowedServiceAccounts: type: string nullable: true allowedProjects: type: string nullable: true allowedZones: type: string nullable: true accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId - type additionalProperties: false required: - identityGcpAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateGcpAuth tags: - GCP Auth description: Update GCP Auth configuration on machine identity requestBody: required: true content: application/json: schema: type: object properties: type: type: string enum: - iam - gce allowedServiceAccounts: type: string default: '' description: The new comma-separated list of trusted service account emails corresponding to the GCE resource(s) allowed to authenticate with Infisical. allowedProjects: type: string default: '' description: The new comma-separated list of trusted GCP projects that the GCE instance must belong to authenticate with Infisical. allowedZones: type: string default: '' description: The new comma-separated list of trusted zones that the GCE instances must belong to authenticate with Infisical. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 description: The new IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 description: The new lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 description: The new maximum number of times that an access token can be used. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 description: The new maximum lifetime for an access token in seconds. additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityGcpAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid type: type: string allowedServiceAccounts: type: string nullable: true allowedProjects: type: string nullable: true allowedZones: type: string nullable: true accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId - type additionalProperties: false required: - identityGcpAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getGcpAuth tags: - GCP Auth description: Retrieve GCP Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to retrieve the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityGcpAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid type: type: string allowedServiceAccounts: type: string nullable: true allowedProjects: type: string nullable: true allowedZones: type: string nullable: true accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId - type additionalProperties: false required: - identityGcpAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteGcpAuth tags: - GCP Auth description: Delete GCP Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to revoke the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityGcpAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid type: type: string allowedServiceAccounts: type: string nullable: true allowedProjects: type: string nullable: true allowedZones: type: string nullable: true accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId - type additionalProperties: false required: - identityGcpAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/token/renew: post: operationId: renewIdentityAccessToken tags: - Universal Auth description: Renew machine identity access token requestBody: required: true content: application/json: schema: type: object properties: accessToken: type: string description: The access token to renew. required: - accessToken additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: accessToken: type: string expiresIn: type: number accessTokenMaxTTL: type: number tokenType: type: string enum: - Bearer required: - accessToken - expiresIn - accessTokenMaxTTL - tokenType additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/token/revoke: post: operationId: revokeIdentityAccessToken tags: - Universal Auth description: Revoke machine identity access token requestBody: required: true content: application/json: schema: type: object properties: accessToken: type: string description: The access token to revoke. required: - accessToken additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/alicloud-auth/login: post: operationId: loginWithAlicloudAuth tags: - Alibaba Cloud Auth description: Login with Alibaba Cloud Auth for machine identity requestBody: required: true content: application/json: schema: type: object properties: identityId: type: string description: The ID of the machine identity to login. Action: type: string enum: - GetCallerIdentity description: The Alibaba Cloud API action. For STS GetCallerIdentity, this should be 'GetCallerIdentity'. Format: type: string enum: - JSON description: The response format. For STS GetCallerIdentity, this should be 'JSON'. Version: type: string description: The API version. This should be in 'YYYY-MM-DD' format (e.g., '2015-04-01'). AccessKeyId: type: string description: The AccessKey ID of the RAM user or STS token. organizationSlug: type: string minLength: 1 maxLength: 64 description: When set, this will scope the login session to the specified organization the machine identity has access to. If omitted, the session defaults to the organization where the machine identity was created in. SignatureMethod: type: string enum: - HMAC-SHA1 description: The signature algorithm. For STS GetCallerIdentity, this should be 'HMAC-SHA1'. Timestamp: type: string format: date-time description: The timestamp of the request in UTC, formatted as 'YYYY-MM-DDTHH:mm:ssZ'. SignatureVersion: type: string enum: - '1.0' description: The signature version. For STS GetCallerIdentity, this should be '1.0'. SignatureNonce: type: string description: A unique random string to prevent replay attacks. Signature: type: string description: The signature string calculated based on the request parameters and AccessKey Secret. required: - identityId - Action - Format - Version - AccessKeyId - SignatureMethod - Timestamp - SignatureVersion - SignatureNonce - Signature additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: accessToken: type: string expiresIn: type: number accessTokenMaxTTL: type: number tokenType: type: string enum: - Bearer required: - accessToken - expiresIn - accessTokenMaxTTL - tokenType additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/alicloud-auth/identities/{identityId}: post: operationId: attachAlicloudAuth tags: - Alibaba Cloud Auth description: Attach Alibaba Cloud Auth configuration onto machine identity requestBody: required: true content: application/json: schema: type: object properties: allowedArns: type: string minLength: 1 maxLength: 500 description: The comma-separated list of trusted ARNs that are allowed to authenticate with Infisical. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 1 maximum: 315360000 default: 2592000 description: The maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The maximum number of times that an access token can be used. required: - allowedArns additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to attach the configuration onto. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityAliCloudAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid type: type: string allowedArns: type: string required: - id - createdAt - updatedAt - identityId - type - allowedArns additionalProperties: false required: - identityAliCloudAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAlicloudAuth tags: - Alibaba Cloud Auth description: Update Alibaba Cloud Auth configuration on machine identity requestBody: required: true content: application/json: schema: type: object properties: allowedArns: type: string minLength: 1 maxLength: 500 description: The comma-separated list of trusted ARNs that are allowed to authenticate with Infisical. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 description: The new IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 description: The new lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 description: The new maximum number of times that an access token can be used. accessTokenMaxTTL: type: integer maximum: 315360000 minimum: 0 description: The new maximum lifetime for an access token in seconds. required: - allowedArns additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityAliCloudAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid type: type: string allowedArns: type: string required: - id - createdAt - updatedAt - identityId - type - allowedArns additionalProperties: false required: - identityAliCloudAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getAlicloudAuth tags: - Alibaba Cloud Auth description: Retrieve Alibaba Cloud Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to retrieve the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityAliCloudAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid type: type: string allowedArns: type: string required: - id - createdAt - updatedAt - identityId - type - allowedArns additionalProperties: false required: - identityAliCloudAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAlicloudAuth tags: - Alibaba Cloud Auth description: Delete Alibaba Cloud Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to revoke the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityAliCloudAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid type: type: string allowedArns: type: string required: - id - createdAt - updatedAt - identityId - type - allowedArns additionalProperties: false required: - identityAliCloudAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/aws-auth/login: post: operationId: loginWithAwsAuth tags: - AWS Auth description: Login with AWS Auth for machine identity requestBody: required: true content: application/json: schema: type: object properties: identityId: type: string description: The ID of the machine identity to login. iamHttpRequestMethod: type: string default: POST description: The HTTP request method used in the signed request. iamRequestBody: type: string description: The base64-encoded body of the signed request. Most likely, the base64-encoding of Action=GetCallerIdentity&Version=2011-06-15. iamRequestHeaders: type: string description: The base64-encoded headers of the sts:GetCallerIdentity signed request. organizationSlug: type: string minLength: 1 maxLength: 64 description: When set, this will scope the login session to the specified organization the machine identity has access to. If omitted, the session defaults to the organization where the machine identity was created in. required: - identityId - iamRequestBody - iamRequestHeaders additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: accessToken: type: string expiresIn: type: number accessTokenMaxTTL: type: number tokenType: type: string enum: - Bearer required: - accessToken - expiresIn - accessTokenMaxTTL - tokenType additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/aws-auth/identities/{identityId}: post: operationId: attachAwsAuth tags: - AWS Auth description: Attach AWS Auth configuration onto machine identity requestBody: required: true content: application/json: schema: type: object properties: stsEndpoint: type: string minLength: 1 default: https://sts.amazonaws.com/ description: The endpoint URL for the AWS STS API. allowedPrincipalArns: type: string maxLength: 4096 default: '' description: The comma-separated list of trusted IAM principal ARNs that are allowed to authenticate with Infisical. allowedAccountIds: type: string maxLength: 4096 default: '' description: The comma-separated list of trusted AWS account IDs that are allowed to authenticate with Infisical. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 1 maximum: 315360000 default: 2592000 description: The maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The maximum number of times that an access token can be used. additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to attach the configuration onto. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityAwsAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid type: type: string stsEndpoint: type: string allowedPrincipalArns: type: string allowedAccountIds: type: string accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId - type - stsEndpoint - allowedPrincipalArns - allowedAccountIds additionalProperties: false required: - identityAwsAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAwsAuth tags: - AWS Auth description: Update AWS Auth configuration on machine identity requestBody: required: true content: application/json: schema: type: object properties: stsEndpoint: type: string minLength: 1 description: The new endpoint URL for the AWS STS API. allowedPrincipalArns: type: string maxLength: 4096 default: '' description: The new comma-separated list of trusted IAM principal ARNs that are allowed to authenticate with Infisical. allowedAccountIds: type: string maxLength: 4096 default: '' description: The new comma-separated list of trusted AWS account IDs that are allowed to authenticate with Infisical. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 description: The new IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 description: The new lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 description: The new maximum number of times that an access token can be used. accessTokenMaxTTL: type: integer maximum: 315360000 minimum: 0 description: The new maximum lifetime for an access token in seconds. additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityAwsAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid type: type: string stsEndpoint: type: string allowedPrincipalArns: type: string allowedAccountIds: type: string accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId - type - stsEndpoint - allowedPrincipalArns - allowedAccountIds additionalProperties: false required: - identityAwsAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getAwsAuth tags: - AWS Auth description: Retrieve AWS Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to retrieve the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityAwsAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid type: type: string stsEndpoint: type: string allowedPrincipalArns: type: string allowedAccountIds: type: string accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId - type - stsEndpoint - allowedPrincipalArns - allowedAccountIds additionalProperties: false required: - identityAwsAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAwsAuth tags: - AWS Auth description: Delete AWS Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to revoke the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityAwsAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid type: type: string stsEndpoint: type: string allowedPrincipalArns: type: string allowedAccountIds: type: string accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId - type - stsEndpoint - allowedPrincipalArns - allowedAccountIds additionalProperties: false required: - identityAwsAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/tls-cert-auth/login: post: operationId: loginWithTlsCertAuth tags: - TLS Certificate Auth description: Login with TLS Certificate Auth for machine identity requestBody: required: true content: application/json: schema: type: object properties: identityId: type: string description: The ID of the machine identity to login. organizationSlug: type: string minLength: 1 maxLength: 64 description: When set, this will scope the login session to the specified organization the machine identity has access to. If omitted, the session defaults to the organization where the machine identity was created in. required: - identityId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: accessToken: type: string expiresIn: type: number accessTokenMaxTTL: type: number tokenType: type: string enum: - Bearer required: - accessToken - expiresIn - accessTokenMaxTTL - tokenType additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/tls-cert-auth/identities/{identityId}: post: operationId: attachTlsCertAuth tags: - TLS Certificate Auth description: Attach TLS Certificate Auth configuration onto machine identity requestBody: required: true content: application/json: schema: type: object properties: allowedCommonNames: type: string minLength: 1 nullable: true description: The comma-separated list of trusted common names that are allowed to authenticate with Infisical. caCertificate: type: string minLength: 1 maxLength: 10240 description: The PEM-encoded CA certificate to validate client certificates. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 1 maximum: 315360000 default: 2592000 description: The maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The maximum number of times that an access token can be used. required: - caCertificate additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to attach the configuration onto. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityTlsCertAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid allowedCommonNames: type: string nullable: true encryptedCaCertificate: {} required: - id - createdAt - updatedAt - identityId - encryptedCaCertificate additionalProperties: false required: - identityTlsCertAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateTlsCertAuth tags: - TLS Certificate Auth description: Update TLS Certificate Auth configuration on machine identity requestBody: required: true content: application/json: schema: type: object properties: caCertificate: type: string minLength: 1 maxLength: 10240 description: The PEM-encoded CA certificate to validate client certificates. allowedCommonNames: type: string minLength: 1 nullable: true description: The comma-separated list of trusted common names that are allowed to authenticate with Infisical. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 description: The new IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 description: The new lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 description: The new maximum number of times that an access token can be used. accessTokenMaxTTL: type: integer maximum: 315360000 minimum: 0 description: The new maximum lifetime for an access token in seconds. additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityTlsCertAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid allowedCommonNames: type: string nullable: true encryptedCaCertificate: {} required: - id - createdAt - updatedAt - identityId - encryptedCaCertificate additionalProperties: false required: - identityTlsCertAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getTlsCertAuth tags: - TLS Certificate Auth description: Retrieve TLS Certificate Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to retrieve the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityTlsCertAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid allowedCommonNames: type: string nullable: true encryptedCaCertificate: {} caCertificate: type: string required: - id - createdAt - updatedAt - identityId - encryptedCaCertificate - caCertificate additionalProperties: false required: - identityTlsCertAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteTlsCertAuth tags: - TLS Certificate Auth description: Delete TLS Certificate Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to revoke the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityTlsCertAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid allowedCommonNames: type: string nullable: true encryptedCaCertificate: {} required: - id - createdAt - updatedAt - identityId - encryptedCaCertificate additionalProperties: false required: - identityTlsCertAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/azure-auth/login: post: operationId: loginWithAzureAuth tags: - Azure Auth description: Login with Azure Auth for machine identity requestBody: required: true content: application/json: schema: type: object properties: identityId: type: string description: The ID of the machine identity to login. jwt: type: string organizationSlug: type: string minLength: 1 maxLength: 64 description: When set, this will scope the login session to the specified organization the machine identity has access to. If omitted, the session defaults to the organization where the machine identity was created in. required: - identityId - jwt additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: accessToken: type: string expiresIn: type: number accessTokenMaxTTL: type: number tokenType: type: string enum: - Bearer required: - accessToken - expiresIn - accessTokenMaxTTL - tokenType additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/azure-auth/identities/{identityId}: post: operationId: attachAzureAuth tags: - Azure Auth description: Attach Azure Auth configuration onto machine identity requestBody: required: true content: application/json: schema: type: object properties: tenantId: type: string description: The tenant ID for the Azure AD organization. resource: type: string description: The resource URL for the application registered in Azure AD. allowedServicePrincipalIds: type: string default: '' description: The comma-separated list of Azure AD service principal IDs that are allowed to authenticate with Infisical. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The maximum number of times that an access token can be used. required: - tenantId - resource additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to login. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityAzureAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid tenantId: type: string resource: type: string allowedServicePrincipalIds: type: string accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId - tenantId - resource - allowedServicePrincipalIds additionalProperties: false required: - identityAzureAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAzureAuth tags: - Azure Auth description: Update Azure Auth configuration on machine identity requestBody: required: true content: application/json: schema: type: object properties: tenantId: type: string description: The new tenant ID for the Azure AD organization. resource: type: string description: The new resource URL for the application registered in Azure AD. allowedServicePrincipalIds: type: string default: '' description: The new comma-separated list of Azure AD service principal IDs that are allowed to authenticate with Infisical. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 description: The new IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 description: The new lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 description: The new maximum number of times that an access token can be used. accessTokenMaxTTL: type: integer maximum: 315360000 minimum: 0 description: The new maximum lifetime for an access token in seconds. additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityAzureAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid tenantId: type: string resource: type: string allowedServicePrincipalIds: type: string accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId - tenantId - resource - allowedServicePrincipalIds additionalProperties: false required: - identityAzureAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getAzureAuth tags: - Azure Auth description: Retrieve Azure Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to retrieve the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityAzureAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid tenantId: type: string resource: type: string allowedServicePrincipalIds: type: string accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId - tenantId - resource - allowedServicePrincipalIds additionalProperties: false required: - identityAzureAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAzureAuth tags: - Azure Auth description: Delete Azure Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to revoke the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityAzureAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid tenantId: type: string resource: type: string allowedServicePrincipalIds: type: string accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId - tenantId - resource - allowedServicePrincipalIds additionalProperties: false required: - identityAzureAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/oci-auth/login: post: operationId: loginWithOciAuth tags: - OCI Auth description: Login with OCI Auth for machine identity requestBody: required: true content: application/json: schema: type: object properties: identityId: type: string description: The ID of the machine identity to login. userOcid: type: string description: The OCID of the user attempting login. headers: type: object properties: authorization: type: string host: type: string x-date: type: string date: type: string required: - authorization - host additionalProperties: false description: The headers of the signed request. organizationSlug: type: string minLength: 1 maxLength: 64 description: When set, this will scope the login session to the specified organization the machine identity has access to. If omitted, the session defaults to the organization where the machine identity was created in. required: - identityId - userOcid - headers additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: accessToken: type: string expiresIn: type: number accessTokenMaxTTL: type: number tokenType: type: string enum: - Bearer required: - accessToken - expiresIn - accessTokenMaxTTL - tokenType additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/oci-auth/identities/{identityId}: post: operationId: attachOciAuth tags: - OCI Auth description: Attach OCI Auth configuration onto machine identity requestBody: required: true content: application/json: schema: type: object properties: tenancyOcid: type: string minLength: 1 description: The OCID of your tenancy. allowedUsernames: type: string maxLength: 500 nullable: true description: The comma-separated list of trusted OCI account usernames that are allowed to authenticate with Infisical. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 1 maximum: 315360000 default: 2592000 description: The maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The maximum number of times that an access token can be used. required: - tenancyOcid additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to attach the configuration onto. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityOciAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid type: type: string tenancyOcid: type: string allowedUsernames: type: string nullable: true accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId - type - tenancyOcid additionalProperties: false required: - identityOciAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOciAuth tags: - OCI Auth description: Update OCI Auth configuration on machine identity requestBody: required: true content: application/json: schema: type: object properties: tenancyOcid: type: string minLength: 1 description: The OCID of your tenancy. allowedUsernames: type: string maxLength: 500 nullable: true description: The comma-separated list of trusted OCI account usernames that are allowed to authenticate with Infisical. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 description: The new IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 description: The new lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 description: The new maximum number of times that an access token can be used. accessTokenMaxTTL: type: integer maximum: 315360000 minimum: 0 description: The new maximum lifetime for an access token in seconds. required: - tenancyOcid additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityOciAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid type: type: string tenancyOcid: type: string allowedUsernames: type: string nullable: true accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId - type - tenancyOcid additionalProperties: false required: - identityOciAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getOciAuth tags: - OCI Auth description: Retrieve OCI Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to retrieve the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityOciAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid type: type: string tenancyOcid: type: string allowedUsernames: type: string nullable: true accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId - type - tenancyOcid additionalProperties: false required: - identityOciAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOciAuth tags: - OCI Auth description: Delete OCI Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to revoke the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityOciAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid type: type: string tenancyOcid: type: string allowedUsernames: type: string nullable: true accessTokenPeriod: type: number default: 0 required: - id - createdAt - updatedAt - identityId - type - tenancyOcid additionalProperties: false required: - identityOciAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/oidc-auth/login: post: operationId: loginWithOidcAuth tags: - OIDC Auth description: Login with OIDC Auth for machine identity requestBody: required: true content: application/json: schema: type: object properties: identityId: type: string description: The ID of the machine identity to login. jwt: type: string organizationSlug: type: string minLength: 1 maxLength: 64 description: When set, this will scope the login session to the specified organization the machine identity has access to. If omitted, the session defaults to the organization where the machine identity was created in. required: - identityId - jwt additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: accessToken: type: string expiresIn: type: number accessTokenMaxTTL: type: number tokenType: type: string enum: - Bearer required: - accessToken - expiresIn - accessTokenMaxTTL - tokenType additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/oidc-auth/identities/{identityId}: post: operationId: attachOidcAuth tags: - OIDC Auth description: Attach OIDC Auth configuration onto machine identity requestBody: required: true content: application/json: schema: type: object properties: oidcDiscoveryUrl: type: string format: uri minLength: 1 description: The URL used to retrieve the OpenID Connect configuration from the identity provider. caCert: type: string default: '' description: The PEM-encoded CA cert for establishing secure communication with the Identity Provider endpoints. boundIssuer: type: string minLength: 1 description: The unique identifier of the identity provider issuing the JWT. boundAudiences: type: string default: '' description: The list of intended recipients. boundClaims: type: object additionalProperties: type: string description: The attributes that should be present in the JWT for it to be valid. claimMetadataMapping: type: object additionalProperties: type: string description: The attributes that should be present in the permission metadata from the JWT. boundSubject: type: string default: '' description: The expected principal that is the subject of the JWT. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The maximum number of times that an access token can be used. required: - oidcDiscoveryUrl - boundIssuer - boundClaims additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to attach the configuration onto. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityOidcAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} identityId: type: string format: uuid oidcDiscoveryUrl: type: string boundIssuer: type: string boundAudiences: type: string boundClaims: {} claimMetadataMapping: nullable: true boundSubject: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time caCert: type: string required: - id - identityId - oidcDiscoveryUrl - boundIssuer - boundAudiences - createdAt - updatedAt - caCert additionalProperties: false required: - identityOidcAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOidcAuth tags: - OIDC Auth description: Update OIDC Auth configuration on machine identity requestBody: required: true content: application/json: schema: type: object properties: oidcDiscoveryUrl: type: string format: uri minLength: 1 description: The new URL used to retrieve the OpenID Connect configuration from the identity provider. caCert: type: string default: '' description: The new PEM-encoded CA cert for establishing secure communication with the Identity Provider endpoints. boundIssuer: type: string minLength: 1 description: The new unique identifier of the identity provider issuing the JWT. boundAudiences: type: string default: '' description: The new list of intended recipients. boundClaims: type: object additionalProperties: type: string description: The new attributes that should be present in the JWT for it to be valid. claimMetadataMapping: type: object additionalProperties: type: string description: The new attributes that should be present in the permission metadata from the JWT. boundSubject: type: string default: '' description: The new expected principal that is the subject of the JWT. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The new IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The new lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The new maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The new maximum number of times that an access token can be used. additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityOidcAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} identityId: type: string format: uuid oidcDiscoveryUrl: type: string boundIssuer: type: string boundAudiences: type: string boundClaims: {} claimMetadataMapping: nullable: true boundSubject: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time caCert: type: string required: - id - identityId - oidcDiscoveryUrl - boundIssuer - boundAudiences - createdAt - updatedAt - caCert additionalProperties: false required: - identityOidcAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getOidcAuth tags: - OIDC Auth description: Retrieve OIDC Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to retrieve the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityOidcAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} identityId: type: string format: uuid oidcDiscoveryUrl: type: string boundIssuer: type: string boundAudiences: type: string boundClaims: {} claimMetadataMapping: nullable: true boundSubject: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time caCert: type: string required: - id - identityId - oidcDiscoveryUrl - boundIssuer - boundAudiences - createdAt - updatedAt - caCert additionalProperties: false required: - identityOidcAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOidcAuth tags: - OIDC Auth description: Delete OIDC Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to revoke the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityOidcAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} identityId: type: string format: uuid oidcDiscoveryUrl: type: string boundIssuer: type: string boundAudiences: type: string boundClaims: {} claimMetadataMapping: nullable: true boundSubject: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - identityId - oidcDiscoveryUrl - boundIssuer - boundAudiences - createdAt - updatedAt additionalProperties: false required: - identityOidcAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/jwt-auth/login: post: operationId: loginWithJwtAuth tags: - JWT Auth description: Login with JWT Auth for machine identity requestBody: required: true content: application/json: schema: type: object properties: identityId: type: string description: The ID of the machine identity to login. jwt: type: string organizationSlug: type: string minLength: 1 maxLength: 64 description: When set, this will scope the login session to the specified organization the machine identity has access to. If omitted, the session defaults to the organization where the machine identity was created in. required: - identityId - jwt additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: accessToken: type: string expiresIn: type: number accessTokenMaxTTL: type: number tokenType: type: string enum: - Bearer required: - accessToken - expiresIn - accessTokenMaxTTL - tokenType additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/jwt-auth/identities/{identityId}: post: operationId: attachJwtAuth tags: - JWT Auth description: Attach JWT Auth configuration onto machine identity requestBody: required: true content: application/json: schema: anyOf: - type: object properties: configurationType: type: string enum: - jwks description: 'The configuration for validating JWTs. Must be one of: ''jwks'', ''static''' jwksUrl: type: string format: uri description: The URL of the JWKS endpoint. Required if configurationType is 'jwks'. This endpoint must serve JSON Web Key Sets (JWKS) containing the public keys used to verify JWT signatures. jwksCaCert: type: string default: '' description: The PEM-encoded CA certificate for validating the TLS connection to the JWKS endpoint. publicKeys: type: array items: type: string default: [] description: A list of PEM-encoded public keys used to verify JWT signatures. Required if configurationType is 'static'. Each key must be in RSA or ECDSA format and properly PEM-encoded with BEGIN/END markers. boundIssuer: type: string default: '' description: The unique identifier of the JWT provider. boundAudiences: type: string default: '' description: The list of intended recipients. boundClaims: type: object additionalProperties: type: string description: The attributes that should be present in the JWT for it to be valid. boundSubject: type: string default: '' description: The expected principal that is the subject of the JWT. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The maximum number of times that an access token can be used. required: - configurationType - jwksUrl - boundClaims additionalProperties: false - type: object properties: configurationType: type: string enum: - static description: 'The configuration for validating JWTs. Must be one of: ''jwks'', ''static''' jwksUrl: type: string default: '' description: The URL of the JWKS endpoint. Required if configurationType is 'jwks'. This endpoint must serve JSON Web Key Sets (JWKS) containing the public keys used to verify JWT signatures. jwksCaCert: type: string default: '' description: The PEM-encoded CA certificate for validating the TLS connection to the JWKS endpoint. publicKeys: type: array items: type: string minLength: 1 minItems: 1 description: A list of PEM-encoded public keys used to verify JWT signatures. Required if configurationType is 'static'. Each key must be in RSA or ECDSA format and properly PEM-encoded with BEGIN/END markers. boundIssuer: type: string default: '' description: The unique identifier of the JWT provider. boundAudiences: type: string default: '' description: The list of intended recipients. boundClaims: type: object additionalProperties: type: string description: The attributes that should be present in the JWT for it to be valid. boundSubject: type: string default: '' description: The expected principal that is the subject of the JWT. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The maximum number of times that an access token can be used. required: - configurationType - publicKeys - boundClaims additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to attach the configuration onto. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityJwtAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} identityId: type: string format: uuid configurationType: type: string jwksUrl: type: string boundIssuer: type: string boundAudiences: type: string boundClaims: {} boundSubject: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time accessTokenPeriod: type: number default: 0 jwksCaCert: type: string publicKeys: type: array items: type: string required: - id - identityId - configurationType - jwksUrl - boundIssuer - boundAudiences - boundSubject - createdAt - updatedAt - jwksCaCert - publicKeys additionalProperties: false required: - identityJwtAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateJwtAuth tags: - JWT Auth description: Update JWT Auth configuration on machine identity requestBody: required: true content: application/json: schema: anyOf: - type: object properties: configurationType: type: string enum: - jwks description: 'The configuration for validating JWTs. Must be one of: ''jwks'', ''static''' jwksUrl: type: string format: uri description: The URL of the JWKS endpoint. Required if configurationType is 'jwks'. This endpoint must serve JSON Web Key Sets (JWKS) containing the public keys used to verify JWT signatures. jwksCaCert: type: string default: '' description: The PEM-encoded CA certificate for validating the TLS connection to the JWKS endpoint. publicKeys: type: array items: type: string default: [] description: A list of PEM-encoded public keys used to verify JWT signatures. Required if configurationType is 'static'. Each key must be in RSA or ECDSA format and properly PEM-encoded with BEGIN/END markers. boundIssuer: type: string default: '' description: The new unique identifier of the JWT provider. boundAudiences: type: string default: '' description: The new list of intended recipients. boundClaims: type: object additionalProperties: type: string description: The new attributes that should be present in the JWT for it to be valid. boundSubject: type: string default: '' description: The new expected principal that is the subject of the JWT. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The new IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The new lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The new maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The new maximum number of times that an access token can be used. required: - configurationType - jwksUrl additionalProperties: false - type: object properties: configurationType: type: string enum: - static description: 'The configuration for validating JWTs. Must be one of: ''jwks'', ''static''' jwksUrl: type: string default: '' description: The URL of the JWKS endpoint. Required if configurationType is 'jwks'. This endpoint must serve JSON Web Key Sets (JWKS) containing the public keys used to verify JWT signatures. jwksCaCert: type: string default: '' description: The PEM-encoded CA certificate for validating the TLS connection to the JWKS endpoint. publicKeys: type: array items: type: string minLength: 1 minItems: 1 description: A list of PEM-encoded public keys used to verify JWT signatures. Required if configurationType is 'static'. Each key must be in RSA or ECDSA format and properly PEM-encoded with BEGIN/END markers. boundIssuer: type: string default: '' description: The new unique identifier of the JWT provider. boundAudiences: type: string default: '' description: The new list of intended recipients. boundClaims: type: object additionalProperties: type: string description: The new attributes that should be present in the JWT for it to be valid. boundSubject: type: string default: '' description: The new expected principal that is the subject of the JWT. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The new IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The new lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The new maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The new maximum number of times that an access token can be used. required: - configurationType - publicKeys additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityJwtAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} identityId: type: string format: uuid configurationType: type: string jwksUrl: type: string boundIssuer: type: string boundAudiences: type: string boundClaims: {} boundSubject: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time accessTokenPeriod: type: number default: 0 jwksCaCert: type: string publicKeys: type: array items: type: string required: - id - identityId - configurationType - jwksUrl - boundIssuer - boundAudiences - boundSubject - createdAt - updatedAt - jwksCaCert - publicKeys additionalProperties: false required: - identityJwtAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getJwtAuth tags: - JWT Auth description: Retrieve JWT Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to retrieve the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityJwtAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} identityId: type: string format: uuid configurationType: type: string jwksUrl: type: string boundIssuer: type: string boundAudiences: type: string boundClaims: {} boundSubject: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time accessTokenPeriod: type: number default: 0 jwksCaCert: type: string publicKeys: type: array items: type: string required: - id - identityId - configurationType - jwksUrl - boundIssuer - boundAudiences - boundSubject - createdAt - updatedAt - jwksCaCert - publicKeys additionalProperties: false required: - identityJwtAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteJwtAuth tags: - JWT Auth description: Delete JWT Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to revoke the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityJwtAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} identityId: type: string format: uuid configurationType: type: string jwksUrl: type: string boundIssuer: type: string boundAudiences: type: string boundClaims: {} boundSubject: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time accessTokenPeriod: type: number default: 0 required: - id - identityId - configurationType - jwksUrl - boundIssuer - boundAudiences - boundSubject - createdAt - updatedAt additionalProperties: false required: - identityJwtAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/spiffe-auth/login: post: operationId: loginWithSpiffeAuth tags: - SPIFFE Auth description: Login with SPIFFE Auth (JWT-SVID) for machine identity requestBody: required: true content: application/json: schema: type: object properties: identityId: type: string description: The ID of the machine identity to login. jwt: type: string description: The JWT-SVID token to authenticate with. organizationSlug: type: string minLength: 1 maxLength: 64 description: When set, this will scope the login session to the specified organization the machine identity has access to. If omitted, the session defaults to the organization where the machine identity was created in. required: - identityId - jwt additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: accessToken: type: string expiresIn: type: number accessTokenMaxTTL: type: number tokenType: type: string enum: - Bearer required: - accessToken - expiresIn - accessTokenMaxTTL - tokenType additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/spiffe-auth/identities/{identityId}: post: operationId: attachSpiffeAuth tags: - SPIFFE Auth description: Attach SPIFFE Auth configuration onto machine identity requestBody: required: true content: application/json: schema: type: object properties: trustDomain: type: string minLength: 1 description: The SPIFFE trust domain (e.g. prod.example.com). allowedSpiffeIds: type: string minLength: 1 description: Comma-separated list of allowed SPIFFE ID patterns. Supports picomatch glob patterns (e.g. spiffe://prod.example.com/**). allowedAudiences: type: string minLength: 1 description: Comma-separated list of allowed audiences for JWT-SVID validation. trustBundleDistribution: anyOf: - type: object properties: profile: type: string enum: - static description: 'The trust bundle distribution profile. Must be one of: ''static'' (admin uploads JWKS), ''https_web_bundle'' (auto-refresh from HTTPS endpoint).' bundle: type: string minLength: 1 description: The JWKS JSON containing public keys for JWT-SVID verification. Required when profile is 'static'. required: - profile - bundle additionalProperties: false - type: object properties: profile: type: string enum: - https_web_bundle description: 'The trust bundle distribution profile. Must be one of: ''static'' (admin uploads JWKS), ''https_web_bundle'' (auto-refresh from HTTPS endpoint).' endpointUrl: type: string format: uri description: The SPIRE bundle endpoint URL for automatic trust bundle retrieval. Required when profile is 'https_web_bundle'. caCert: type: string description: Optional PEM-encoded root CA certificate for verifying the bundle endpoint TLS connection. Defaults to system root CAs when not provided. refreshHintSeconds: type: integer minimum: 0 default: 3600 description: The interval in seconds between bundle refresh attempts. Defaults to 3600. required: - profile - endpointUrl additionalProperties: false accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The maximum number of times that an access token can be used. required: - trustDomain - allowedSpiffeIds - allowedAudiences - trustBundleDistribution additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to attach the configuration onto. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identitySpiffeAuth: type: object properties: id: type: string format: uuid identityId: type: string format: uuid trustDomain: type: string allowedSpiffeIds: type: string allowedAudiences: type: string accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time trustBundleDistribution: anyOf: - type: object properties: profile: type: string enum: - static bundle: type: string required: - profile - bundle additionalProperties: false - type: object properties: profile: type: string enum: - https_web_bundle endpointUrl: type: string caCert: type: string refreshHintSeconds: type: number cachedBundleLastRefreshedAt: type: string format: date-time nullable: true required: - profile - endpointUrl - caCert - refreshHintSeconds additionalProperties: false required: - id - identityId - trustDomain - allowedSpiffeIds - allowedAudiences - createdAt - updatedAt - trustBundleDistribution additionalProperties: false required: - identitySpiffeAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateSpiffeAuth tags: - SPIFFE Auth description: Update SPIFFE Auth configuration on machine identity requestBody: required: true content: application/json: schema: type: object properties: trustDomain: type: string minLength: 1 description: The SPIFFE trust domain (e.g. prod.example.com). allowedSpiffeIds: type: string minLength: 1 description: Comma-separated list of allowed SPIFFE ID patterns. Supports picomatch glob patterns (e.g. spiffe://prod.example.com/**). allowedAudiences: type: string minLength: 1 description: Comma-separated list of allowed audiences for JWT-SVID validation. trustBundleDistribution: anyOf: - type: object properties: profile: type: string enum: - static description: 'The trust bundle distribution profile. Must be one of: ''static'' (admin uploads JWKS), ''https_web_bundle'' (auto-refresh from HTTPS endpoint).' bundle: type: string minLength: 1 description: The JWKS JSON containing public keys for JWT-SVID verification. Required when profile is 'static'. required: - profile - bundle additionalProperties: false - type: object properties: profile: type: string enum: - https_web_bundle description: 'The trust bundle distribution profile. Must be one of: ''static'' (admin uploads JWKS), ''https_web_bundle'' (auto-refresh from HTTPS endpoint).' endpointUrl: type: string format: uri description: The SPIRE bundle endpoint URL for automatic trust bundle retrieval. Required when profile is 'https_web_bundle'. caCert: type: string description: Optional PEM-encoded root CA certificate for verifying the bundle endpoint TLS connection. Defaults to system root CAs when not provided. refreshHintSeconds: type: integer minimum: 0 default: 3600 description: The interval in seconds between bundle refresh attempts. Defaults to 3600. required: - profile - endpointUrl additionalProperties: false accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The maximum number of times that an access token can be used. additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identitySpiffeAuth: type: object properties: id: type: string format: uuid identityId: type: string format: uuid trustDomain: type: string allowedSpiffeIds: type: string allowedAudiences: type: string accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time trustBundleDistribution: anyOf: - type: object properties: profile: type: string enum: - static bundle: type: string required: - profile - bundle additionalProperties: false - type: object properties: profile: type: string enum: - https_web_bundle endpointUrl: type: string caCert: type: string refreshHintSeconds: type: number cachedBundleLastRefreshedAt: type: string format: date-time nullable: true required: - profile - endpointUrl - caCert - refreshHintSeconds additionalProperties: false required: - id - identityId - trustDomain - allowedSpiffeIds - allowedAudiences - createdAt - updatedAt - trustBundleDistribution additionalProperties: false required: - identitySpiffeAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getSpiffeAuth tags: - SPIFFE Auth description: Retrieve SPIFFE Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to retrieve the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identitySpiffeAuth: type: object properties: id: type: string format: uuid identityId: type: string format: uuid trustDomain: type: string allowedSpiffeIds: type: string allowedAudiences: type: string accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time trustBundleDistribution: anyOf: - type: object properties: profile: type: string enum: - static bundle: type: string required: - profile - bundle additionalProperties: false - type: object properties: profile: type: string enum: - https_web_bundle endpointUrl: type: string caCert: type: string refreshHintSeconds: type: number cachedBundleLastRefreshedAt: type: string format: date-time nullable: true required: - profile - endpointUrl - caCert - refreshHintSeconds additionalProperties: false required: - id - identityId - trustDomain - allowedSpiffeIds - allowedAudiences - createdAt - updatedAt - trustBundleDistribution additionalProperties: false required: - identitySpiffeAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteSpiffeAuth tags: - SPIFFE Auth description: Delete SPIFFE Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to revoke the auth method for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identitySpiffeAuth: type: object properties: id: type: string format: uuid identityId: type: string format: uuid trustDomain: type: string allowedSpiffeIds: type: string allowedAudiences: type: string accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time trustBundleDistribution: anyOf: - type: object properties: profile: type: string enum: - static bundle: type: string required: - profile - bundle additionalProperties: false - type: object properties: profile: type: string enum: - https_web_bundle endpointUrl: type: string caCert: type: string refreshHintSeconds: type: number cachedBundleLastRefreshedAt: type: string format: date-time nullable: true required: - profile - endpointUrl - caCert - refreshHintSeconds additionalProperties: false required: - id - identityId - trustDomain - allowedSpiffeIds - allowedAudiences - createdAt - updatedAt - trustBundleDistribution additionalProperties: false required: - identitySpiffeAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/spiffe-auth/identities/{identityId}/refresh-bundle: post: operationId: refreshSpiffeBundle tags: - SPIFFE Auth description: Force-refresh the cached SPIFFE trust bundle for a remote-configured machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to force-refresh the cached SPIFFE trust bundle for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identitySpiffeAuth: type: object properties: id: type: string format: uuid identityId: type: string format: uuid trustDomain: type: string allowedSpiffeIds: type: string allowedAudiences: type: string accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time trustBundleDistribution: anyOf: - type: object properties: profile: type: string enum: - static bundle: type: string required: - profile - bundle additionalProperties: false - type: object properties: profile: type: string enum: - https_web_bundle endpointUrl: type: string caCert: type: string refreshHintSeconds: type: number cachedBundleLastRefreshedAt: type: string format: date-time nullable: true required: - profile - endpointUrl - caCert - refreshHintSeconds additionalProperties: false required: - id - identityId - trustDomain - allowedSpiffeIds - allowedAudiences - createdAt - updatedAt - trustBundleDistribution additionalProperties: false required: - identitySpiffeAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/ldap-auth/login: post: operationId: loginWithLdapAuth tags: - LDAP Auth description: Login with LDAP Auth for machine identity requestBody: required: true content: application/json: schema: type: object properties: identityId: type: string format: uuid description: The ID of the machine identity to login. username: type: string minLength: 1 description: The username of the LDAP user to login. password: type: string minLength: 1 description: The password of the LDAP user to login. organizationSlug: type: string minLength: 1 maxLength: 64 description: When set, this will scope the login session to the specified organization the machine identity has access to. If omitted, the session defaults to the organization where the machine identity was created in. required: - identityId - username - password additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: accessToken: type: string expiresIn: type: number accessTokenMaxTTL: type: number tokenType: type: string enum: - Bearer required: - accessToken - expiresIn - accessTokenMaxTTL - tokenType additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/ldap-auth/identities/{identityId}: post: operationId: attachLdapAuth tags: - LDAP Auth description: Attach LDAP Auth configuration onto machine identity requestBody: required: true content: application/json: schema: anyOf: - type: object properties: templateId: type: string description: The ID of the identity auth template to attach the configuration onto. searchFilter: type: string minLength: 1 default: (uid={{username}}) description: The filter to use to search for the LDAP user. allowedFields: type: array items: type: object properties: key: type: string value: type: string required: - key - value additionalProperties: false description: The comma-separated array of key/value pairs of required fields that the LDAP entry must have in order to authenticate. ldapCaCertificate: type: string description: The PEM-encoded CA certificate for the LDAP server. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 1 maximum: 315360000 default: 2592000 description: The maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The maximum number of times that an access token can be used. lockoutEnabled: type: boolean default: true description: Whether the lockout feature is enabled. lockoutThreshold: type: number minimum: 1 maximum: 30 default: 3 description: The amount of times login must fail before locking the identity auth method. lockoutDurationSeconds: type: number minimum: 30 maximum: 86400 default: 300 description: How long an identity auth method lockout lasts. lockoutCounterResetSeconds: type: number minimum: 5 maximum: 3600 default: 30 description: How long to wait from the most recent failed login until resetting the lockout counter. required: - templateId additionalProperties: false - type: object properties: url: type: string description: The URL of the LDAP server. bindDN: type: string description: The DN of the user to bind to the LDAP server. bindPass: type: string description: The password of the user to bind to the LDAP server. searchBase: type: string description: The base DN to search for the LDAP user. searchFilter: type: string minLength: 1 default: (uid={{username}}) description: The filter to use to search for the LDAP user. allowedFields: type: array items: type: object properties: key: type: string value: type: string required: - key - value additionalProperties: false description: The comma-separated array of key/value pairs of required fields that the LDAP entry must have in order to authenticate. ldapCaCertificate: type: string description: The PEM-encoded CA certificate for the LDAP server. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 default: - ipAddress: 0.0.0.0/0 - ipAddress: ::/0 description: The IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 default: 2592000 description: The lifetime for an access token in seconds. accessTokenMaxTTL: type: integer minimum: 1 maximum: 315360000 default: 2592000 description: The maximum lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 default: 0 description: The maximum number of times that an access token can be used. lockoutEnabled: type: boolean default: true description: Whether the lockout feature is enabled. lockoutThreshold: type: number minimum: 1 maximum: 30 default: 3 description: The amount of times login must fail before locking the identity auth method. lockoutDurationSeconds: type: number minimum: 30 maximum: 86400 default: 300 description: How long an identity auth method lockout lasts. lockoutCounterResetSeconds: type: number minimum: 5 maximum: 3600 default: 30 description: How long to wait from the most recent failed login until resetting the lockout counter. required: - url - bindDN - bindPass - searchBase additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to attach the configuration onto. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityLdapAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} identityId: type: string format: uuid url: type: string searchBase: type: string searchFilter: type: string allowedFields: nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time accessTokenPeriod: type: number default: 0 templateId: type: string format: uuid nullable: true lockoutEnabled: type: boolean default: true lockoutThreshold: type: number default: 3 lockoutDurationSeconds: type: number default: 300 lockoutCounterResetSeconds: type: number default: 30 required: - id - identityId - url - searchBase - searchFilter - createdAt - updatedAt additionalProperties: false required: - identityLdapAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateLdapAuth tags: - LDAP Auth description: Update LDAP Auth configuration on machine identity requestBody: required: true content: application/json: schema: type: object properties: url: type: string minLength: 1 description: The new URL of the LDAP server. bindDN: type: string minLength: 1 description: The new DN of the user to bind to the LDAP server. bindPass: type: string minLength: 1 description: The new password of the user to bind to the LDAP server. searchBase: type: string minLength: 1 description: The new base DN to search for the LDAP user. templateId: type: string description: The ID of the identity auth template to update the configuration to. searchFilter: type: string minLength: 1 description: The new filter to use to search for the LDAP user. allowedFields: type: array items: type: object properties: key: type: string value: type: string required: - key - value additionalProperties: false description: The comma-separated list of allowed fields to return from the LDAP user. accessTokenTrustedIps: type: array items: type: object properties: ipAddress: type: string required: - ipAddress additionalProperties: false minItems: 1 description: The new IPs or CIDR ranges that access tokens can be used from. accessTokenTTL: type: integer minimum: 0 maximum: 315360000 description: The new lifetime for an access token in seconds. accessTokenNumUsesLimit: type: integer minimum: 0 description: The new maximum number of times that an access token can be used. accessTokenMaxTTL: type: integer maximum: 315360000 minimum: 0 description: The new maximum lifetime for an access token in seconds. lockoutEnabled: type: boolean description: Whether the lockout feature is enabled. lockoutThreshold: type: number minimum: 1 maximum: 30 description: The amount of times login must fail before locking the identity auth method. lockoutDurationSeconds: type: number minimum: 30 maximum: 86400 description: How long an identity auth method lockout lasts. lockoutCounterResetSeconds: type: number minimum: 5 maximum: 3600 description: How long to wait from the most recent failed login until resetting the lockout counter. additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update the configuration for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityLdapAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} identityId: type: string format: uuid url: type: string searchBase: type: string searchFilter: type: string allowedFields: nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time accessTokenPeriod: type: number default: 0 templateId: type: string format: uuid nullable: true lockoutEnabled: type: boolean default: true lockoutThreshold: type: number default: 3 lockoutDurationSeconds: type: number default: 300 lockoutCounterResetSeconds: type: number default: 30 required: - id - identityId - url - searchBase - searchFilter - createdAt - updatedAt additionalProperties: false required: - identityLdapAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getLdapAuth tags: - LDAP Auth description: Retrieve LDAP Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to retrieve the configuration for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityLdapAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} identityId: type: string format: uuid url: type: string searchBase: type: string searchFilter: type: string allowedFields: nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time accessTokenPeriod: type: number default: 0 templateId: type: string nullable: true lockoutEnabled: type: boolean default: true lockoutThreshold: type: number default: 3 lockoutDurationSeconds: type: number default: 300 lockoutCounterResetSeconds: type: number default: 30 bindDN: type: string bindPass: type: string ldapCaCertificate: type: string required: - id - identityId - url - searchBase - searchFilter - createdAt - updatedAt - bindDN - bindPass additionalProperties: false required: - identityLdapAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteLdapAuth tags: - LDAP Auth description: Delete LDAP Auth configuration on machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to revoke the configuration for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityLdapAuth: type: object properties: id: type: string format: uuid accessTokenTTL: type: number default: 7200 accessTokenMaxTTL: type: number default: 7200 accessTokenNumUsesLimit: type: number default: 0 accessTokenTrustedIps: {} identityId: type: string format: uuid url: type: string searchBase: type: string searchFilter: type: string allowedFields: nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time accessTokenPeriod: type: number default: 0 templateId: type: string format: uuid nullable: true lockoutEnabled: type: boolean default: true lockoutThreshold: type: number default: 3 lockoutDurationSeconds: type: number default: 300 lockoutCounterResetSeconds: type: number default: 30 required: - id - identityId - url - searchBase - searchFilter - createdAt - updatedAt additionalProperties: false required: - identityLdapAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/auth/ldap-auth/identities/{identityId}/clear-lockouts: post: operationId: clearLdapAuthLockouts tags: - LDAP Auth description: Clear LDAP Auth Lockouts for machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to clear the client lockouts from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: deleted: type: number required: - deleted additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/organization/audit-logs: get: operationId: listOrganizationAuditLogs tags: - Audit Logs description: Get all audit logs for an organization parameters: - schema: type: string in: query name: projectId required: false description: Optionally filter logs by project ID. If not provided, logs from the entire organization will be returned. - schema: type: string in: query name: environment required: false description: The environment to filter logs by. If not provided, logs from all environments will be returned. Note that the projectId parameter must also be provided. - schema: type: string enum: - platform - kmipClient - user - service - identity - scimClient - acmeProfile - acmeAccount - estAccount - scepAccount - unknownUser - gateway - relay - kmipServer in: query name: actorType required: false description: The type of actor to filter audit logs by. Must be provided when the actor parameter targets a non-user actor type (e.g. identity, kmipClient). - schema: type: string in: query name: secretPath required: false description: The path of the secret to query audit logs for. Note that the projectId parameter must also be provided. - schema: type: string in: query name: secretKey required: false description: The key of the secret to query audit logs for. Note that the projectId parameter must also be provided. - schema: allOf: - anyOf: - not: {} - type: string - anyOf: - not: {} - type: array items: type: string enum: - get-secrets - get-secret - reveal-secret - create-secret - create-secrets - update-secret - update-secrets - move-secrets - duplicate-secret - delete-secret - delete-secrets - redact-secret-version-value - get-project-key - authorize-integration - update-integration-auth - unauthorize-integration - create-integration - delete-integration - manual-sync-integration - add-trusted-ip - update-trusted-ip - delete-trusted-ip - create-service-token - delete-service-token - create-sub-organization - update-sub-organization - delete-sub-organization - join-sub-organization - create-identity - update-identity - delete-identity - create-identity-org-membership - update-identity-org-membership - delete-identity-org-membership - create-identity-project-membership - update-identity-project-membership - delete-identity-project-membership - machine-identity-auth-template-create - machine-identity-auth-template-update - machine-identity-auth-template-delete - login-identity-universal-auth - login-identity-universal-auth-failed - add-identity-universal-auth - update-identity-universal-auth - get-identity-universal-auth - revoke-identity-universal-auth - create-token-identity-token-auth - update-token-identity-token-auth - get-tokens-identity-token-auth - get-token-identity-token-auth - add-identity-token-auth - update-identity-token-auth - get-identity-token-auth - revoke-identity-token-auth - login-identity-kubernetes-auth - login-identity-kubernetes-auth-failed - add-identity-kubernetes-auth - update-identity-kubernetes-auth - get-identity-kubernetes-auth - revoke-identity-kubernetes-auth - login-identity-oidc-auth - login-identity-oidc-auth-failed - add-identity-oidc-auth - update-identity-oidc-auth - get-identity-oidc-auth - revoke-identity-oidc-auth - login-identity-jwt-auth - login-identity-jwt-auth-failed - add-identity-jwt-auth - update-identity-jwt-auth - get-identity-jwt-auth - revoke-identity-jwt-auth - login-identity-spiffe-auth - login-identity-spiffe-auth-failed - add-identity-spiffe-auth - update-identity-spiffe-auth - get-identity-spiffe-auth - revoke-identity-spiffe-auth - refresh-identity-spiffe-auth-bundle - create-identity-universal-auth-client-secret - revoke-identity-universal-auth-client-secret - clear-identity-universal-auth-lockouts - clear-identity-ldap-auth-lockouts - get-identity-universal-auth-client-secret - get-identity-universal-auth-client-secret-by-id - login-identity-gcp-auth - login-identity-gcp-auth-failed - add-identity-gcp-auth - update-identity-gcp-auth - revoke-identity-gcp-auth - get-identity-gcp-auth - login-identity-alicloud-auth - login-identity-alicloud-auth-failed - add-identity-alicloud-auth - update-identity-alicloud-auth - revoke-identity-alicloud-auth - get-identity-alicloud-auth - login-identity-tls-cert-auth - login-identity-tls-cert-auth-failed - add-identity-tls-cert-auth - update-identity-tls-cert-auth - revoke-identity-tls-cert-auth - get-identity-tls-cert-auth - login-identity-aws-auth - login-identity-aws-auth-failed - add-identity-aws-auth - update-identity-aws-auth - revoke-identity-aws-auth - get-identity-aws-auth - login-identity-oci-auth - login-identity-oci-auth-failed - add-identity-oci-auth - update-identity-oci-auth - revoke-identity-oci-auth - get-identity-oci-auth - login-identity-azure-auth - login-identity-azure-auth-failed - add-identity-azure-auth - update-identity-azure-auth - get-identity-azure-auth - revoke-identity-azure-auth - login-identity-ldap-auth - login-identity-ldap-auth-failed - add-identity-ldap-auth - update-identity-ldap-auth - get-identity-ldap-auth - revoke-identity-ldap-auth - create-environment - update-environment - delete-environment - restore-environment - get-environment - add-project-member - add-project-members - remove-project-member - get-project-member-permission-audit - get-project-identity-permission-audit - create-folder - update-folder - delete-folder - create-webhook - update-webhook-status - delete-webhook - webhook-triggered - get-secret-imports - get-secret-import - create-secret-import - update-secret-import - delete-secret-import - update-user-project-role - update-user-project-denied-permissions - add-project-group - update-project-group - remove-project-group - secret-approval-merged - secret-approval-request - secret-approval-closed - secret-approval-reopened - secret-approval-request-review - sign-ssh-key - issue-ssh-creds - create-ssh-certificate-authority - get-ssh-certificate-authority - update-ssh-certificate-authority - delete-ssh-certificate-authority - get-ssh-certificate-authority-certificate-templates - create-ssh-certificate-template - update-ssh-certificate-template - delete-ssh-certificate-template - get-ssh-certificate-template - get-azure-ad-templates - get-ssh-host - create-ssh-host - update-ssh-host - delete-ssh-host - issue-ssh-host-user-cert - issue-ssh-host-host-cert - get-ssh-host-group - create-ssh-host-group - update-ssh-host-group - delete-ssh-host-group - get-ssh-host-group-hosts - add-host-to-ssh-host-group - remove-host-from-ssh-host-group - create-certificate-authority - get-certificate-authority - get-certificate-authorities - update-certificate-authority - delete-certificate-authority - renew-certificate-authority - export-cert-manager-project - get-certificate-authority-csr - get-certificate-authority-certs - get-certificate-authority-cert - sign-intermediate - import-certificate-authority-cert - get-certificate-authority-crls - generate-ca-certificate - install-ca-cert-venafi - install-ca-cert-adcs - create-ca-signing-config - get-ca-signing-config - update-ca-signing-config - get-ca-auto-renewal-config - update-ca-auto-renewal-config - issue-cert - import-cert - sign-cert - get-ca-certificate-templates - get-cert - delete-cert - revoke-cert - assign-cert-to-application - get-cert-body - get-cert-private-key - get-cert-bundle - export-cert-pkcs12 - create-pki-alert - get-pki-alert - update-pki-alert - delete-pki-alert - create-certificate-inventory-view - update-certificate-inventory-view - delete-certificate-inventory-view - create-pki-collection - get-pki-collection - update-pki-collection - delete-pki-collection - get-pki-collection-items - add-pki-collection-item - delete-pki-collection-item - create-pki-subscriber - update-pki-subscriber - delete-pki-subscriber - get-pki-subscriber - issue-pki-subscriber-cert - sign-pki-subscriber-cert - automated-renew-subscriber-cert - automated-renew-certificate - automated-renew-certificate-failed - list-pki-subscriber-certs - get-subscriber-active-cert-bundle - create-kms - update-kms - delete-kms - get-kms - update-project-kms - get-project-kms-backup - load-project-kms-backup - org-admin-accessed-project - org-admin-bypassed-sso - user-login - select-organization - select-sub-organization - create-certificate-policy - update-certificate-policy - delete-certificate-policy - get-certificate-policy - list-certificate-policies - create-certificate-template-est-config - update-certificate-template-est-config - get-certificate-template-est-config - create-certificate-profile - update-certificate-profile - delete-certificate-profile - get-certificate-profile - list-certificate-profiles - create-pki-application - update-pki-application - delete-pki-application - get-pki-application - list-pki-applications - attach-pki-application-profiles - detach-pki-application-profile - add-pki-application-member - update-pki-application-member-role - remove-pki-application-member - list-pki-application-members - get-pki-application-enrollment - set-pki-application-api-enrollment - clear-pki-application-api-enrollment - set-pki-application-est-enrollment - clear-pki-application-est-enrollment - set-pki-application-acme-enrollment - clear-pki-application-acme-enrollment - reveal-pki-application-acme-eab-secret - rotate-pki-application-acme-eab-secret - set-pki-application-scep-enrollment - clear-pki-application-scep-enrollment - get-cert-manager-instance-state - set-cert-manager-active-project - invite-cert-manager-users - update-cert-manager-user - remove-cert-manager-user - remove-cert-manager-users-batch - add-cert-manager-identity - update-cert-manager-identity - remove-cert-manager-identity - add-cert-manager-group - update-cert-manager-group - remove-cert-manager-group - issue-certificate-from-profile - sign-certificate-from-profile - order-certificate-from-profile - renew-certificate - get-certificate-profile-latest-active-bundle - update-certificate-renewal-config - update-certificate-metadata - update-certificate-cleanup-config - certificate-cleanup-completed - disable-certificate-renewal-config - create-certificate-request - get-certificate-request - get-certificate-from-request - list-certificate-requests - trigger-certificate-request-validation - cancel-certificate-request - attempt-create-slack-integration - attempt-reinstall-slack-integration - get-project-slack-config - update-project-slack-config - get-slack-integration - update-slack-integration - delete-slack-integration - get-project-workflow-integration-config - update-project-workflow-integration-config - get-project-ssh-config - update-project-ssh-config - integration-synced - create-cmek - update-cmek - delete-cmek - get-cmeks - get-cmek - cmek-encrypt - cmek-decrypt - cmek-sign - cmek-verify - cmek-list-signing-algorithms - cmek-get-public-key - cmek-get-private-key - cmek-bulk-export-private-keys - cmek-bulk-import-keys - update-external-group-org-role-mapping - get-external-group-org-role-mapping - create-group - update-group - delete-group - link-group-to-sub-org - update-group-org-membership - unlink-group-from-sub-org - add-user-to-group - remove-user-from-group - add-identity-to-group - remove-identity-from-group - add-group-to-project - update-group-project-membership - remove-group-from-project - get-project-templates - get-project-template - create-project-template - update-project-template - delete-project-template - get-app-connections - get-available-app-connections-details - get-app-connection - create-app-connection - update-app-connection - delete-app-connection - get-app-connection-usage - migrate-app-connection - rotate-app-connection-credentials - create-github-app - delete-github-app - create-shared-secret - create-secret-request - delete-shared-secret - read-shared-secret - get-secret-syncs - get-secret-sync - create-secret-sync - update-secret-sync - delete-secret-sync - secret-sync-sync-secrets - secret-sync-import-secrets - secret-sync-remove-secrets - get-pki-syncs - get-pki-sync - get-pki-sync-certificates - create-pki-sync - update-pki-sync - delete-pki-sync - pki-sync-sync-certificates - pki-sync-import-certificates - pki-sync-remove-certificates - pki-sync-set-default-certificate - pki-sync-clear-default-certificate - oidc-group-membership-mapping-assign-user - oidc-group-membership-mapping-remove-user - create-kmip-client - update-kmip-client - delete-kmip-client - get-kmip-client - get-kmip-clients - create-kmip-client-certificate - setup-kmip - get-kmip - register-kmip-server - kmip-operation-create - kmip-operation-get - kmip-operation-destroy - kmip-operation-get-attributes - kmip-operation-activate - kmip-operation-revoke - kmip-operation-locate - kmip-operation-register - get-secret-rotations - get-secret-rotation - get-secret-rotation-generated-credentials - create-secret-rotation - update-secret-rotation - delete-secret-rotation - move-secret-rotation - secret-rotation-rotate-secrets - reconcile-secret-rotation - secret-rotation-check-credentials - project-access-request - microsoft-teams-workflow-integration-create - microsoft-teams-workflow-integration-delete - microsoft-teams-workflow-integration-update - microsoft-teams-workflow-integration-check-installation-status - microsoft-teams-workflow-integration-get-teams - microsoft-teams-workflow-integration-get - microsoft-teams-workflow-integration-list - project-assume-privileges-session-start - project-assume-privileges-session-end - get-project-pit-commits - get-project-pit-commit-changes - get-project-pit-commit-count - pit-rollback-commit - pit-revert-commit - pit-get-folder-state - pit-compare-folder-states - pit-process-new-commit-raw - secret-scanning-data-source-list - secret-scanning-data-source-create - secret-scanning-data-source-update - secret-scanning-data-source-delete - secret-scanning-data-source-get - secret-scanning-data-source-trigger-scan - secret-scanning-data-source-scan - secret-scanning-resource-list - secret-scanning-scan-list - secret-scanning-finding-list - secret-scanning-finding-update - secret-scanning-config-get - secret-scanning-config-update - update-org - create-project - update-project - delete-project - create-project-role - update-project-role - delete-project-role - list-project-roles - get-project-role - create-org-role - update-org-role - delete-org-role - create-secret-reminder - get-secret-reminder - delete-secret-reminder - dashboard-list-secrets - dashboard-get-secret-value - dashboard-get-secret-version-value - view-insights-auth-methods - view-insights-secrets-management-calendar - view-insights-secrets-management-access-volume - view-insights-secrets-management-access-locations - view-insights-secrets-management-summary - view-insights-secrets-duplication - view-insights-pam-summary - view-insights-pam-session-activity - view-insights-pam-top-actors - view-insights-pam-resource-breakdown - view-insights-pam-rotation-calendar - pam-session-credentials-get - pam-session-start - pam-session-logs-update - pam-session-end - pam-session-terminate - pam-session-get - pam-session-list - pam-session-event-batch-upload - pam-session-chunk-upload - pam-session-upload-token-invalid - pam-recording-config-update - pam-recording-config-delete - pam-recording-bucket-connection-test-failed - pam-folder-create - pam-folder-update - pam-folder-delete - pam-account-list - pam-account-get - pam-account-access - pam-account-aws-console-url-generated - pam-account-create - pam-account-update - pam-account-delete - pam-account-credential-rotation - pam-account-credential-rotation-failed - pam-account-policy-create - pam-account-policy-update - pam-account-policy-delete - pam-account-policy-list - pam-account-policy-get - pam-account-read-credentials - pam-web-access-session-ticket-created - pam-resource-list - pam-resource-get - pam-resource-create - pam-resource-update - pam-resource-delete - pam-domain-list - pam-domain-get - pam-domain-create - pam-domain-update - pam-domain-delete - pam-discovery-source-list - pam-discovery-source-get - pam-discovery-source-create - pam-discovery-source-update - pam-discovery-source-delete - pam-discovery-scan - pam-discovery-source-run-list - pam-discovery-source-run-get - pam-discovery-source-resource-list - pam-discovery-source-account-list - pam-resource-rotation-rule-list - pam-resource-rotation-rule-create - pam-resource-rotation-rule-update - pam-resource-rotation-rule-delete - pam-resource-rotation-rule-reorder - approval-policy-create - approval-policy-update - approval-policy-delete - approval-policy-list - approval-policy-get - approval-request-get - approval-request-list - approval-request-create - approval-request-approve - approval-request-reject - approval-request-cancel - approval-request-grant-list - approval-request-grant-get - approval-request-grant-revoke - pam-access-policy-bypassed - access-approval-request-create - access-approval-request-review - access-approval-request-revoke - access-approval-request-update - view-audit-logs - create-acme-account - retrieve-acme-account - create-acme-order - finalize-acme-order - download-acme-certificate - respond-to-acme-challenge - pass-acme-challenge - attempt-acme-challenge - fail-acme-challenge - mcp-endpoint-create - mcp-endpoint-update - mcp-endpoint-delete - mcp-endpoint-get - mcp-endpoint-list - mcp-endpoint-list-tools - mcp-endpoint-enable-tool - mcp-endpoint-disable-tool - mcp-endpoint-bulk-update-tools - mcp-endpoint-oauth-client-register - mcp-endpoint-oauth-authorize - mcp-endpoint-connect - mcp-endpoint-save-user-credential - mcp-server-create - mcp-server-update - mcp-server-delete - mcp-server-get - mcp-server-list - mcp-server-list-tools - mcp-server-sync-tools - mcp-activity-log-list - create-dynamic-secret - update-dynamic-secret - delete-dynamic-secret - get-dynamic-secret - list-dynamic-secrets - create-dynamic-secret-lease - delete-dynamic-secret-lease - renew-dynamic-secret-lease - list-dynamic-secret-leases - get-dynamic-secret-lease - create-pki-discovery - update-pki-discovery - delete-pki-discovery - get-pki-discovery - get-pki-discoveries - trigger-pki-discovery-scan - get-pki-installation - get-pki-installations - update-pki-installation - delete-pki-installation - create-pki-signer - update-pki-signer - delete-pki-signer - get-pki-signer - get-pki-signers - get-pki-signer-public-key - get-pki-signing-operations - pki-signer-sign - enable-pki-signer - disable-pki-signer - reissue-pki-signer-certificate - export-pki-signer-certificate - update-pki-signer-approval-policy - pki-signer-request-to-sign - pki-signer-pre-approve-signing - pki-signer-revoke-request - add-pki-signer-member - update-pki-signer-member - remove-pki-signer-member - scep-enrollment - scep-renewal - scep-dynamic-challenge-generated - secret-validation-rule-create - secret-validation-rule-update - secret-validation-rule-delete - external-migration-create - external-migration-update - external-migration-delete - create-oauth-client - update-oauth-client - delete-oauth-client - rotate-oauth-client-secret - oauth-client-authorize - create-email-domain - verify-email-domain - delete-email-domain - gateway-create - gateway-enrollment-token-create - gateway-enroll - resource-auth-method-login - resource-auth-method-login-failed - resource-auth-method-update - resource-auth-method-revoke - relay-create - relay-update - relay-delete - relay-enrollment-token-create - kmip-server-create - kmip-server-update - kmip-server-delete - kmip-server-enrollment-token-create - gateway-pool-create - gateway-pool-update - gateway-pool-delete - gateway-pool-add-member - gateway-pool-remove-member - create-honey-token - update-honey-token - revoke-honey-token - trigger-honey-token in: query name: eventType required: false - schema: type: string enum: - web - cli - k8-operator - terraform - other - InfisicalPythonSDK - InfisicalNodeSDK in: query name: userAgentType required: false description: Choose which consuming application to export audit logs for. - schema: type: string in: query name: eventMetadata required: false description: Filter by event metadata key-value pairs. Formatted as `key1=value1,key2=value2`, with comma-separation. - schema: type: string format: date-time in: query name: startDate required: false description: The date to start the export from. - schema: type: string format: date-time in: query name: endDate required: false description: The date to end the export at. - schema: type: number default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th audit log. - schema: type: number maximum: 1000 default: 20 in: query name: limit required: false description: The number of audit logs to return. - schema: type: string in: query name: actor required: false description: The ID of a specific actor to filter audit logs by. For user actors this is the userId; for identity actors this is the identityId. When filtering non-user actor types, the actorType parameter must also be provided. responses: '200': description: Default Response content: application/json: schema: type: object properties: auditLogs: type: array items: type: object properties: id: type: string format: uuid ipAddress: type: string nullable: true userAgent: type: string nullable: true userAgentType: type: string nullable: true expiresAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time orgId: type: string format: uuid nullable: true projectId: type: string nullable: true projectName: type: string nullable: true event: type: object properties: type: type: string metadata: {} required: - type additionalProperties: false actor: type: object properties: type: type: string metadata: {} required: - type additionalProperties: false required: - id - createdAt - updatedAt - event - actor additionalProperties: false required: - auditLogs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/organization/available-identities: get: operationId: listAvailableOrganizationIdentities tags: - Organization Identity Membership description: List available identities for org membership parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th identity. - schema: type: number minimum: 1 maximum: 100 default: 20 in: query name: limit required: false description: The number of identities to return. - schema: type: string in: query name: identityName required: false description: The text string that identity membership names will be filtered by. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identities: type: array items: type: object properties: id: type: string format: uuid name: type: string required: - id - name additionalProperties: false required: - identities additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/organization/available-groups: get: operationId: listAvailableOrganizationGroups tags: - Groups description: List available groups from parent org for linking to sub-organization responses: '200': description: Default Response content: application/json: schema: type: object properties: groups: type: array items: type: object properties: id: type: string format: uuid name: type: string slug: type: string required: - id - name - slug additionalProperties: false required: - groups additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/organizations/memberships/groups: get: operationId: listOrganizationGroupMemberships tags: - Groups description: List organization group memberships parameters: - schema: type: number minimum: 1 maximum: 100 default: 100 in: query name: limit required: false - schema: type: number minimum: 0 default: 0 in: query name: offset required: false - schema: type: string in: query name: search required: false - schema: anyOf: - type: string - type: array items: type: string in: query name: roles required: false - schema: type: string enum: - name - slug - role in: query name: orderBy required: false - schema: type: string enum: - asc - desc in: query name: orderDirection required: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMemberships: type: array items: type: object properties: id: type: string format: uuid groupId: type: string format: uuid group: type: object properties: id: type: string format: uuid name: type: string slug: type: string orgId: type: string format: uuid required: - id - name - slug additionalProperties: false roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - role - isTemporary additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - groupId - group - roles - createdAt - updatedAt additionalProperties: false totalCount: type: number required: - groupMemberships - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/organizations/memberships/groups/{groupId}: post: operationId: createOrganizationGroupMembership tags: - Groups description: 'Create organization group membership (link group to current org). Sub-org only: links a parent-org group.' requestBody: required: true content: application/json: schema: type: object properties: roles: type: array items: anyOf: - type: object properties: role: type: string isTemporary: type: boolean enum: - false default: false required: - role additionalProperties: false - type: object properties: role: type: string isTemporary: type: boolean enum: - true temporaryMode: type: string enum: - relative temporaryRange: type: string temporaryAccessStartTime: type: string format: date-time required: - role - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false minItems: 1 required: - roles additionalProperties: false parameters: - schema: type: string format: uuid in: path name: groupId required: true description: The ID of the group to link to the current organization security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMembership: type: object properties: id: type: string format: uuid groupId: type: string format: uuid group: type: object properties: id: type: string format: uuid name: type: string slug: type: string orgId: type: string format: uuid required: - id - name - slug additionalProperties: false roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - role - isTemporary additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - groupId - group - roles - createdAt - updatedAt additionalProperties: false required: - groupMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getOrganizationGroupMembership tags: - Groups description: Get organization group membership by group ID. parameters: - schema: type: string format: uuid in: path name: groupId required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMembership: type: object properties: id: type: string format: uuid groupId: type: string format: uuid group: type: object properties: id: type: string format: uuid name: type: string slug: type: string orgId: type: string format: uuid required: - id - name - slug additionalProperties: false roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - role - isTemporary additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - groupId - group - roles - createdAt - updatedAt additionalProperties: false required: - groupMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOrganizationGroupMembership tags: - Groups description: Update organization group membership roles. requestBody: required: true content: application/json: schema: type: object properties: roles: type: array items: anyOf: - type: object properties: role: type: string isTemporary: type: boolean enum: - false default: false required: - role additionalProperties: false - type: object properties: role: type: string isTemporary: type: boolean enum: - true temporaryMode: type: string enum: - relative temporaryRange: type: string temporaryAccessStartTime: type: string format: date-time required: - role - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false minItems: 1 required: - roles additionalProperties: false parameters: - schema: type: string format: uuid in: path name: groupId required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMembership: type: object properties: id: type: string format: uuid groupId: type: string format: uuid group: type: object properties: id: type: string format: uuid name: type: string slug: type: string orgId: type: string format: uuid required: - id - name - slug additionalProperties: false roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - role - isTemporary additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - groupId - group - roles - createdAt - updatedAt additionalProperties: false required: - groupMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOrganizationGroupMembership tags: - Groups description: Unlink a group from the current organization. Only applicable in sub-organizations where the group is linked; cannot be used in the organization that owns the group. parameters: - schema: type: string format: uuid in: path name: groupId required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMembership: type: object properties: id: type: string format: uuid groupId: type: string format: uuid orgId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - groupId - orgId - createdAt - updatedAt additionalProperties: false required: - groupMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/admin/bootstrap: post: requestBody: required: true content: application/json: schema: type: object properties: email: type: string format: email minLength: 1 password: type: string minLength: 1 organization: type: string minLength: 1 required: - email - password - organization additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string user: type: object properties: username: type: string firstName: type: string nullable: true lastName: type: string nullable: true email: type: string nullable: true id: type: string format: uuid superAdmin: type: boolean nullable: true required: - username - id additionalProperties: false organization: type: object properties: id: type: string format: uuid name: type: string slug: type: string required: - id - name - slug additionalProperties: false identity: type: object properties: id: type: string format: uuid name: type: string credentials: type: object properties: token: type: string required: - token additionalProperties: false required: - id - name - credentials additionalProperties: false required: - message - user - organization - identity additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-imports: post: tags: - Secret Imports description: Create secret imports requestBody: required: true content: application/json: schema: type: object properties: workspaceId: type: string description: The ID of the project you are working in. environment: type: string description: The slug of the environment to import into. path: type: string default: / description: The path to import into. import: type: object properties: environment: type: string description: The slug of the environment to import from. path: type: string description: The path to import from. required: - environment - path additionalProperties: false isReplication: type: boolean default: false description: When true, secrets from the source will be automatically sent to the destination. If approval policies exist at the destination, the secrets will be sent as approval requests instead of being applied immediately. required: - workspaceId - environment - import additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string secretImport: type: object properties: id: type: string format: uuid version: type: number default: 1 nullable: true importPath: type: string position: type: number createdAt: type: string format: date-time updatedAt: type: string format: date-time folderId: type: string format: uuid isReplication: type: boolean default: false nullable: true isReplicationSuccess: type: boolean nullable: true replicationStatus: type: string nullable: true lastReplicated: type: string format: date-time nullable: true isReserved: type: boolean default: false nullable: true importEnv: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false required: - id - importPath - position - createdAt - updatedAt - folderId - importEnv additionalProperties: false required: - message - secretImport additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: tags: - Secret Imports description: Get secret imports parameters: - schema: type: string in: query name: workspaceId required: true description: The ID of the project to list secret imports from. - schema: type: string in: query name: environment required: true description: The slug of the environment to list secret imports from. - schema: type: string default: / in: query name: path required: false description: The path to list secret imports from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string secretImports: type: array items: type: object properties: id: type: string format: uuid version: type: number default: 1 nullable: true importPath: type: string position: type: number createdAt: type: string format: date-time updatedAt: type: string format: date-time folderId: type: string format: uuid isReplication: type: boolean default: false nullable: true isReplicationSuccess: type: boolean nullable: true replicationStatus: type: string nullable: true lastReplicated: type: string format: date-time nullable: true isReserved: type: boolean default: false nullable: true importEnv: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false required: - id - importPath - position - createdAt - updatedAt - folderId - importEnv additionalProperties: false required: - message - secretImports additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-imports/{secretImportId}: patch: tags: - Secret Imports description: Update secret imports requestBody: required: true content: application/json: schema: type: object properties: workspaceId: type: string description: The ID of the project where the secret import is located. environment: type: string description: The slug of the environment where the secret import is located. path: type: string default: / description: The path of the secret import to update. import: type: object properties: environment: type: string description: The new environment slug to import from. path: type: string description: The new path to import from. position: type: number description: The new position of the secret import. The lowest number will be displayed as the first import. additionalProperties: false required: - workspaceId - environment - import additionalProperties: false parameters: - schema: type: string in: path name: secretImportId required: true description: The ID of the secret import to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string secretImport: type: object properties: id: type: string format: uuid version: type: number default: 1 nullable: true importPath: type: string position: type: number createdAt: type: string format: date-time updatedAt: type: string format: date-time folderId: type: string format: uuid isReplication: type: boolean default: false nullable: true isReplicationSuccess: type: boolean nullable: true replicationStatus: type: string nullable: true lastReplicated: type: string format: date-time nullable: true isReserved: type: boolean default: false nullable: true importEnv: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false required: - id - importPath - position - createdAt - updatedAt - folderId - importEnv additionalProperties: false required: - message - secretImport additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - Secret Imports description: Delete secret imports requestBody: required: true content: application/json: schema: type: object properties: workspaceId: type: string description: The ID of the project to delete the secret import from. environment: type: string description: The slug of the environment where the secret import is located. path: type: string default: / description: The path of the secret import to delete. required: - workspaceId - environment additionalProperties: false parameters: - schema: type: string in: path name: secretImportId required: true description: The ID of the secret import to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string secretImport: type: object properties: id: type: string format: uuid version: type: number default: 1 nullable: true importPath: type: string position: type: number createdAt: type: string format: date-time updatedAt: type: string format: date-time folderId: type: string format: uuid isReplication: type: boolean default: false nullable: true isReplicationSuccess: type: boolean nullable: true replicationStatus: type: string nullable: true lastReplicated: type: string format: date-time nullable: true isReserved: type: boolean default: false nullable: true importEnv: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false required: - id - importPath - position - createdAt - updatedAt - folderId - importEnv additionalProperties: false required: - message - secretImport additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: tags: - Secret Imports description: Get single secret import parameters: - schema: type: string in: path name: secretImportId required: true description: The ID of the secret import to fetch. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: secretImport: type: object properties: id: type: string format: uuid version: type: number default: 1 nullable: true importPath: type: string position: type: number createdAt: type: string format: date-time updatedAt: type: string format: date-time folderId: type: string format: uuid isReplication: type: boolean default: false nullable: true isReplicationSuccess: type: boolean nullable: true replicationStatus: type: string nullable: true lastReplicated: type: string format: date-time nullable: true isReserved: type: boolean default: false nullable: true environment: type: object properties: id: type: string name: type: string slug: type: string required: - id - name - slug additionalProperties: false projectId: type: string importEnv: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false secretPath: type: string required: - id - importPath - position - createdAt - updatedAt - folderId - environment - projectId - importEnv - secretPath additionalProperties: false required: - secretImport additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-imports/secrets/raw: get: tags: - Secret Imports parameters: - schema: type: string in: query name: workspaceId required: true - schema: type: string in: query name: environment required: true - schema: type: string default: / in: query name: path required: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secrets: type: array items: type: object properties: secretPath: type: string environment: type: string environmentInfo: type: object properties: id: type: string name: type: string slug: type: string required: - id - name - slug additionalProperties: false folderId: type: string secrets: type: array items: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt additionalProperties: false required: - secretPath - environment - environmentInfo - secrets additionalProperties: false required: - secrets additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/folders: post: tags: - Folders description: Create folders requestBody: required: true content: application/json: schema: type: object properties: workspaceId: type: string description: The ID of the project to create the folder in. environment: type: string description: The slug of the environment to create the folder in. name: type: string description: The name of the folder to create. path: type: string default: / description: The path of the folder to create. directory: type: string default: / description: The directory of the folder to create. (Deprecated in favor of path) description: type: string nullable: true description: An optional description label for the folder. required: - workspaceId - environment - name additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: folder: type: object properties: id: type: string format: uuid name: type: string version: type: number default: 1 nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time envId: type: string format: uuid parentId: type: string format: uuid nullable: true isReserved: type: boolean default: false nullable: true description: type: string nullable: true lastSecretModified: type: string format: date-time nullable: true path: type: string required: - id - name - createdAt - updatedAt - envId - path additionalProperties: false required: - folder additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: tags: - Folders description: Get folders parameters: - schema: type: string in: query name: workspaceId required: true description: The ID of the project to list folders from. - schema: type: string in: query name: environment required: true description: The slug of the environment to list folders from. - schema: type: string format: date-time in: query name: lastSecretModified required: false description: The timestamp used to filter folders with secrets modified after the specified date. The format for this timestamp is ISO 8601 (e.g. 2025-04-01T09:41:45-04:00) - schema: type: string in: query name: path required: false description: The path to list folders from. - schema: type: string in: query name: directory required: false description: The directory to list folders from. (Deprecated in favor of path) - schema: anyOf: - type: boolean - type: string default: false in: query name: recursive required: false description: Whether or not to fetch all folders from the specified base path, and all of its subdirectories. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: folders: type: array items: type: object properties: id: type: string format: uuid name: type: string version: type: number default: 1 nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time envId: type: string format: uuid parentId: type: string format: uuid nullable: true isReserved: type: boolean default: false nullable: true description: type: string nullable: true lastSecretModified: type: string format: date-time nullable: true relativePath: type: string required: - id - name - createdAt - updatedAt - envId additionalProperties: false required: - folders additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/folders/{folderId}: patch: tags: - Folders description: Update folder requestBody: required: true content: application/json: schema: type: object properties: workspaceId: type: string description: The ID of the project where the folder is located. environment: type: string description: The slug of the environment where the folder is located. name: type: string description: The new name of the folder. path: type: string default: / description: The path of the folder to update. directory: type: string default: / description: The new directory of the folder to update. (Deprecated in favor of path) description: type: string nullable: true description: An optional description label for the folder. required: - workspaceId - environment - name additionalProperties: false parameters: - schema: type: string in: path name: folderId required: true description: The ID of the folder to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: folder: type: object properties: id: type: string format: uuid name: type: string version: type: number default: 1 nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time envId: type: string format: uuid parentId: type: string format: uuid nullable: true isReserved: type: boolean default: false nullable: true description: type: string nullable: true lastSecretModified: type: string format: date-time nullable: true path: type: string required: - id - name - createdAt - updatedAt - envId - path additionalProperties: false required: - folder additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/folders/batch: patch: tags: - Folders description: Update folders by batch requestBody: required: true content: application/json: schema: type: object properties: projectSlug: type: string description: The slug of the project where the folder is located. folders: type: array items: type: object properties: id: type: string description: The ID of the folder to update. environment: type: string description: The slug of the environment where the folder is located. name: type: string description: The new name of the folder. path: type: string default: / description: The path of the folder to update. description: type: string nullable: true description: An optional description label for the folder. required: - id - environment - name additionalProperties: false minItems: 1 required: - projectSlug - folders additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: folders: type: array items: type: object properties: id: type: string format: uuid name: type: string version: type: number default: 1 nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time envId: type: string format: uuid parentId: type: string format: uuid nullable: true isReserved: type: boolean default: false nullable: true description: type: string nullable: true lastSecretModified: type: string format: date-time nullable: true required: - id - name - createdAt - updatedAt - envId additionalProperties: false required: - folders additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/folders/{folderIdOrName}: delete: tags: - Folders description: Delete a folder requestBody: required: true content: application/json: schema: type: object properties: workspaceId: type: string description: The ID of the project to delete the folder from. environment: type: string description: The slug of the environment where the folder is located. path: type: string default: / description: The path of the folder to delete. directory: type: string default: / description: The directory of the folder to delete. (Deprecated in favor of path) required: - workspaceId - environment additionalProperties: false parameters: - schema: type: string in: path name: folderIdOrName required: true description: The ID or name of the folder to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: folder: type: object properties: id: type: string format: uuid name: type: string version: type: number default: 1 nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time envId: type: string format: uuid parentId: type: string format: uuid nullable: true isReserved: type: boolean default: false nullable: true description: type: string nullable: true lastSecretModified: type: string format: date-time nullable: true required: - id - name - createdAt - updatedAt - envId additionalProperties: false required: - folder additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/folders/{id}: get: tags: - Folders description: Get folder by id parameters: - schema: type: string in: path name: id required: true description: The ID of the folder to get details. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: folder: type: object properties: id: type: string format: uuid name: type: string version: type: number default: 1 nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time envId: type: string format: uuid parentId: type: string format: uuid nullable: true isReserved: type: boolean default: false nullable: true description: type: string nullable: true lastSecretModified: type: string format: date-time nullable: true environment: type: object properties: envId: type: string envName: type: string envSlug: type: string required: - envId - envName - envSlug additionalProperties: false path: type: string projectId: type: string required: - id - name - createdAt - updatedAt - envId - environment - path - projectId additionalProperties: false required: - folder additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/workspace/{workspaceId}: get: tags: - Projects description: Get project parameters: - schema: type: string in: path name: workspaceId required: true description: The ID of the project. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: workspace: type: object properties: id: type: string name: type: string description: type: string nullable: true type: type: string defaultProduct: type: string nullable: true slug: type: string autoCapitalization: type: boolean default: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time version: type: number default: 1 upgradeStatus: type: string nullable: true pitVersionLimit: type: number default: 10 kmsCertificateKeyId: type: string format: uuid nullable: true auditLogsRetentionDays: type: number nullable: true hasDeleteProtection: type: boolean default: false nullable: true secretSharing: type: boolean default: true showSnapshotsLegacy: type: boolean default: false secretDetectionIgnoreValues: type: array items: type: string nullable: true enforceEncryptedSecretManagerSecretMetadata: type: boolean nullable: true _id: type: string environments: type: array items: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false required: - id - name - type - slug - orgId - createdAt - updatedAt - _id - environments additionalProperties: false additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - Projects description: Delete project parameters: - schema: type: string in: path name: workspaceId required: true description: The ID of the project to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: workspace: type: object properties: id: type: string name: type: string description: type: string nullable: true type: type: string defaultProduct: type: string nullable: true slug: type: string autoCapitalization: type: boolean default: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time version: type: number default: 1 upgradeStatus: type: string nullable: true pitVersionLimit: type: number default: 10 kmsCertificateKeyId: type: string format: uuid nullable: true auditLogsRetentionDays: type: number nullable: true hasDeleteProtection: type: boolean default: false nullable: true secretSharing: type: boolean default: true showSnapshotsLegacy: type: boolean default: false secretDetectionIgnoreValues: type: array items: type: string nullable: true enforceEncryptedSecretManagerSecretMetadata: type: boolean nullable: true required: - id - name - type - slug - orgId - createdAt - updatedAt additionalProperties: false additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - Projects description: Update project requestBody: required: true content: application/json: schema: type: object properties: name: type: string maxLength: 64 description: The new name of the project. description: type: string maxLength: 1024 description: An optional description label for the project. autoCapitalization: type: boolean description: Disable or enable auto-capitalization for the project. hasDeleteProtection: type: boolean description: Enable or disable delete protection for the project. slug: type: string maxLength: 64 description: An optional slug for the project. (must be unique within the organization) secretSharing: type: boolean description: Enable or disable secret sharing for the project. showSnapshotsLegacy: type: boolean description: Enable or disable legacy snapshots for the project. defaultProduct: type: string enum: - secret-manager - cert-manager - kms - ssh - secret-scanning - pam - ai description: The default product in which the project will open secretDetectionIgnoreValues: type: array items: type: string description: The list of secret values to ignore for secret detection. additionalProperties: false parameters: - schema: type: string in: path name: workspaceId required: true description: The ID of the project to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: workspace: type: object properties: id: type: string name: type: string description: type: string nullable: true type: type: string defaultProduct: type: string nullable: true slug: type: string autoCapitalization: type: boolean default: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time version: type: number default: 1 upgradeStatus: type: string nullable: true pitVersionLimit: type: number default: 10 kmsCertificateKeyId: type: string format: uuid nullable: true auditLogsRetentionDays: type: number nullable: true hasDeleteProtection: type: boolean default: false nullable: true secretSharing: type: boolean default: true showSnapshotsLegacy: type: boolean default: false secretDetectionIgnoreValues: type: array items: type: string nullable: true enforceEncryptedSecretManagerSecretMetadata: type: boolean nullable: true required: - id - name - type - slug - orgId - createdAt - updatedAt additionalProperties: false required: - workspace additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/workspace/{workspaceId}/integrations: get: tags: - Integrations description: List integrations for a project. parameters: - schema: type: string in: path name: workspaceId required: true description: The ID of the project to list integrations for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: integrations: type: array items: type: object properties: id: type: string format: uuid isActive: type: boolean url: type: string nullable: true app: type: string nullable: true appId: type: string nullable: true targetEnvironment: type: string nullable: true targetEnvironmentId: type: string nullable: true targetService: type: string nullable: true targetServiceId: type: string nullable: true owner: type: string nullable: true path: type: string nullable: true region: type: string nullable: true scope: type: string nullable: true integration: type: string metadata: nullable: true integrationAuthId: type: string format: uuid envId: type: string format: uuid secretPath: type: string default: / createdAt: type: string format: date-time updatedAt: type: string format: date-time lastUsed: type: string format: date-time nullable: true isSynced: type: boolean nullable: true syncMessage: type: string nullable: true lastSyncJobId: type: string nullable: true environment: type: object properties: id: type: string name: type: string slug: type: string required: - id - name - slug additionalProperties: false required: - id - isActive - integration - integrationAuthId - envId - createdAt - updatedAt - environment additionalProperties: false required: - integrations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/workspace/{workspaceId}/authorizations: get: tags: - Integrations description: List integration auth objects for a workspace. parameters: - schema: type: string in: path name: workspaceId required: true description: The ID of the project to list integration auths for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: authorizations: type: array items: type: object properties: id: type: string format: uuid projectId: type: string integration: type: string teamId: type: string nullable: true url: type: string nullable: true namespace: type: string nullable: true accountId: type: string nullable: true metadata: nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - integration - createdAt - updatedAt additionalProperties: false required: - authorizations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/workspace/{workspaceId}/environments/{envId}: get: tags: - Environments description: Get Environment parameters: - schema: type: string in: path name: workspaceId required: true description: The ID of the project the environment belongs to. - schema: type: string in: path name: envId required: true description: The ID of the environment to fetch. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: environment: type: object properties: id: type: string format: uuid name: type: string slug: type: string position: type: number projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time deleteAfter: type: string format: date-time nullable: true softDeletedAt: type: string format: date-time nullable: true deletedByUserId: type: string format: uuid nullable: true deletedByIdentityId: type: string format: uuid nullable: true required: - id - name - slug - position - projectId - createdAt - updatedAt additionalProperties: false required: - environment additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/workspace/environments/{envId}: get: tags: - Environments description: Get Environment by ID parameters: - schema: type: string in: path name: envId required: true description: The ID of the environment to fetch. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: environment: type: object properties: id: type: string format: uuid name: type: string slug: type: string position: type: number projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time deleteAfter: type: string format: date-time nullable: true softDeletedAt: type: string format: date-time nullable: true deletedByUserId: type: string format: uuid nullable: true deletedByIdentityId: type: string format: uuid nullable: true required: - id - name - slug - position - projectId - createdAt - updatedAt additionalProperties: false required: - environment additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/workspace/{workspaceId}/environments: post: tags: - Environments description: Create environment requestBody: required: true content: application/json: schema: type: object properties: name: type: string description: The name of the environment to create. position: type: number minimum: 1 description: The position of the environment. The lowest number will be displayed as the first environment. slug: type: string minLength: 1 maxLength: 64 description: The slug of the environment to create. required: - name - slug additionalProperties: false parameters: - schema: type: string in: path name: workspaceId required: true description: The ID of the project to create the environment in. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string workspace: type: string environment: type: object properties: id: type: string format: uuid name: type: string slug: type: string position: type: number projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time deleteAfter: type: string format: date-time nullable: true softDeletedAt: type: string format: date-time nullable: true deletedByUserId: type: string format: uuid nullable: true deletedByIdentityId: type: string format: uuid nullable: true required: - id - name - slug - position - projectId - createdAt - updatedAt additionalProperties: false required: - message - workspace - environment additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/workspace/{workspaceId}/environments/{id}: patch: tags: - Environments description: Update environment requestBody: required: true content: application/json: schema: type: object properties: slug: type: string minLength: 1 maxLength: 64 description: The new slug of the environment. name: type: string description: The new name of the environment. position: type: number description: The new position of the environment. The lowest number will be displayed as the first environment. additionalProperties: false parameters: - schema: type: string in: path name: workspaceId required: true description: The ID of the project to update the environment in. - schema: type: string in: path name: id required: true description: The ID of the environment to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string workspace: type: string environment: type: object properties: id: type: string format: uuid name: type: string slug: type: string position: type: number projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time deleteAfter: type: string format: date-time nullable: true softDeletedAt: type: string format: date-time nullable: true deletedByUserId: type: string format: uuid nullable: true deletedByIdentityId: type: string format: uuid nullable: true required: - id - name - slug - position - projectId - createdAt - updatedAt additionalProperties: false required: - message - workspace - environment additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - Environments description: Delete environment parameters: - schema: type: string in: path name: workspaceId required: true description: The ID of the project to delete the environment from. - schema: type: string in: path name: id required: true description: The ID of the environment to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string workspace: type: string environment: type: object properties: id: type: string format: uuid name: type: string slug: type: string position: type: number projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time deleteAfter: type: string format: date-time nullable: true softDeletedAt: type: string format: date-time nullable: true deletedByUserId: type: string format: uuid nullable: true deletedByIdentityId: type: string format: uuid nullable: true required: - id - name - slug - position - projectId - createdAt - updatedAt additionalProperties: false required: - message - workspace - environment additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/workspace/{workspaceId}/memberships: get: tags: - Project Users description: Return project user memberships parameters: - schema: type: string in: path name: workspaceId required: true description: The ID of the project to get memberships from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time userId: type: string format: uuid projectId: type: string user: type: object properties: username: type: string email: type: string nullable: true isEmailVerified: type: boolean default: false nullable: true firstName: type: string nullable: true lastName: type: string nullable: true authMethods: type: array items: type: string nullable: true id: type: string format: uuid publicKey: type: string nullable: true required: - username - id additionalProperties: false roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false required: - id - createdAt - userId - projectId - user - roles additionalProperties: false required: - memberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/workspace/{workspaceId}/memberships/details: post: tags: - Project Users description: Return project user memberships requestBody: required: true content: application/json: schema: type: object properties: username: type: string minLength: 1 description: The username to get project membership of. Email is the default username. required: - username additionalProperties: false parameters: - schema: type: string minLength: 1 in: path name: workspaceId required: true description: The ID of the project to get memberships from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: membership: type: object properties: id: type: string format: uuid userId: type: string format: uuid projectId: type: string user: type: object properties: username: type: string email: type: string nullable: true isEmailVerified: type: boolean default: false nullable: true firstName: type: string nullable: true lastName: type: string nullable: true authMethods: type: array items: type: string nullable: true id: type: string format: uuid publicKey: type: string nullable: true required: - username - id additionalProperties: false roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false required: - id - userId - projectId - user - roles additionalProperties: false required: - membership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/workspace/{workspaceId}/memberships/{membershipId}: patch: tags: - Project Users description: Update project user membership requestBody: required: true content: application/json: schema: type: object properties: roles: type: array items: anyOf: - type: object properties: role: type: string isTemporary: type: boolean enum: - false default: false required: - role additionalProperties: false - type: object properties: role: type: string isTemporary: type: boolean enum: - true temporaryMode: type: string enum: - relative temporaryRange: type: string temporaryAccessStartTime: type: string format: date-time required: - role - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false minItems: 1 description: A list of roles to update the membership to. required: - roles additionalProperties: false parameters: - schema: type: string in: path name: workspaceId required: true description: The ID of the project to update the membership for. - schema: type: string in: path name: membershipId required: true description: The ID of the membership to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: roles: type: array items: type: object properties: id: type: string format: uuid role: type: string projectMembershipId: type: string format: uuid customRoleId: type: string format: uuid nullable: true isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - role - projectMembershipId - createdAt - updatedAt additionalProperties: false required: - roles additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/workspace/{projectId}/tags: get: tags: - Folders parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list tags from. responses: '200': description: Default Response content: application/json: schema: type: object properties: workspaceTags: type: array items: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time createdBy: type: string format: uuid nullable: true projectId: type: string createdByActorType: type: string default: user required: - id - slug - createdAt - updatedAt - projectId additionalProperties: false required: - workspaceTags additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - Folders requestBody: required: true content: application/json: schema: type: object properties: slug: type: string minLength: 1 maxLength: 64 description: The slug of the tag to create. color: type: string description: The color of the tag to create. required: - slug - color additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to create the tag in. responses: '200': description: Default Response content: application/json: schema: type: object properties: workspaceTag: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time createdBy: type: string format: uuid nullable: true projectId: type: string createdByActorType: type: string default: user required: - id - slug - createdAt - updatedAt - projectId additionalProperties: false required: - workspaceTag additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/workspace/{projectId}/tags/{tagId}: get: tags: - Folders parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to get tags from. - schema: type: string in: path name: tagId required: true description: The ID of the tag to get details. responses: '200': description: Default Response content: application/json: schema: type: object properties: workspaceTag: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time createdBy: type: string format: uuid nullable: true projectId: type: string createdByActorType: type: string default: user name: type: string required: - id - slug - createdAt - updatedAt - projectId - name additionalProperties: false required: - workspaceTag additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - Folders requestBody: required: true content: application/json: schema: type: object properties: slug: type: string minLength: 1 maxLength: 64 description: The slug of the tag to update. color: type: string description: The color of the tag to update. required: - slug - color additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to update the tag in. - schema: type: string in: path name: tagId required: true description: The ID of the tag to get details. responses: '200': description: Default Response content: application/json: schema: type: object properties: workspaceTag: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time createdBy: type: string format: uuid nullable: true projectId: type: string createdByActorType: type: string default: user required: - id - slug - createdAt - updatedAt - projectId additionalProperties: false required: - workspaceTag additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - Folders parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to delete the tag from. - schema: type: string in: path name: tagId required: true description: The ID of the tag to delete. responses: '200': description: Default Response content: application/json: schema: type: object properties: workspaceTag: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time createdBy: type: string format: uuid nullable: true projectId: type: string createdByActorType: type: string default: user required: - id - slug - createdAt - updatedAt - projectId additionalProperties: false required: - workspaceTag additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/workspace/{projectId}/tags/slug/{tagSlug}: get: tags: - Folders parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to get tags from. - schema: type: string in: path name: tagSlug required: true description: The slug of the tag to get details. responses: '200': description: Default Response content: application/json: schema: type: object properties: workspaceTag: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time createdBy: type: string format: uuid nullable: true projectId: type: string createdByActorType: type: string default: user name: type: string required: - id - slug - createdAt - updatedAt - projectId - name additionalProperties: false required: - workspaceTag additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects: post: operationId: createProject tags: - Projects description: Create a new project requestBody: required: true content: application/json: schema: type: object properties: projectName: type: string maxLength: 64 description: The name of the project to create. projectDescription: type: string maxLength: 1024 description: An optional description label for the project. slug: type: string minLength: 5 maxLength: 36 description: An optional slug for the project. kmsKeyId: type: string template: type: string minLength: 1 maxLength: 64 default: default description: The name of the project template, if specified, to apply to this project. type: type: string enum: - secret-manager - cert-manager - kms - ssh - secret-scanning - pam - ai default: secret-manager shouldCreateDefaultEnvs: type: boolean default: true hasDeleteProtection: type: boolean default: false required: - projectName additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: project: type: object properties: id: type: string name: type: string description: type: string nullable: true type: type: string defaultProduct: type: string nullable: true slug: type: string autoCapitalization: type: boolean default: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time version: type: number default: 1 upgradeStatus: type: string nullable: true pitVersionLimit: type: number default: 10 kmsCertificateKeyId: type: string format: uuid nullable: true auditLogsRetentionDays: type: number nullable: true hasDeleteProtection: type: boolean default: false nullable: true secretSharing: type: boolean default: true showSnapshotsLegacy: type: boolean default: false secretDetectionIgnoreValues: type: array items: type: string nullable: true enforceEncryptedSecretManagerSecretMetadata: type: boolean nullable: true _id: type: string environments: type: array items: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false deletedEnvironments: type: array items: type: object properties: id: type: string name: type: string slug: type: string deleteAfter: type: string format: date-time softDeletedAt: type: string format: date-time deletedBy: anyOf: - type: object properties: type: type: string enum: - user id: type: string email: type: string nullable: true username: type: string nullable: true firstName: type: string nullable: true lastName: type: string nullable: true required: - type - id - email - username - firstName - lastName additionalProperties: false - type: object properties: type: type: string enum: - identity id: type: string name: type: string required: - type - id - name additionalProperties: false nullable: true required: - id - name - slug - deleteAfter - softDeletedAt - deletedBy additionalProperties: false required: - id - name - type - slug - orgId - createdAt - updatedAt - _id - environments - deletedEnvironments additionalProperties: false required: - project additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listProjects tags: - Projects description: List projects parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: includeRoles required: false - schema: type: string enum: - secret-manager - cert-manager - kms - ssh - secret-scanning - pam - ai in: query name: type required: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: projects: type: array items: type: object properties: id: type: string name: type: string description: type: string nullable: true type: type: string defaultProduct: type: string nullable: true slug: type: string autoCapitalization: type: boolean default: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time version: type: number default: 1 upgradeStatus: type: string nullable: true pitVersionLimit: type: number default: 10 kmsCertificateKeyId: type: string format: uuid nullable: true auditLogsRetentionDays: type: number nullable: true hasDeleteProtection: type: boolean default: false nullable: true secretSharing: type: boolean default: true showSnapshotsLegacy: type: boolean default: false secretDetectionIgnoreValues: type: array items: type: string nullable: true enforceEncryptedSecretManagerSecretMetadata: type: boolean nullable: true _id: type: string environments: type: array items: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false deletedEnvironments: type: array items: type: object properties: id: type: string name: type: string slug: type: string deleteAfter: type: string format: date-time softDeletedAt: type: string format: date-time deletedBy: anyOf: - type: object properties: type: type: string enum: - user id: type: string email: type: string nullable: true username: type: string nullable: true firstName: type: string nullable: true lastName: type: string nullable: true required: - type - id - email - username - firstName - lastName additionalProperties: false - type: object properties: type: type: string enum: - identity id: type: string name: type: string required: - type - id - name additionalProperties: false nullable: true required: - id - name - slug - deleteAfter - softDeletedAt - deletedBy additionalProperties: false roles: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string permissions: {} createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string version: type: number default: 1 required: - id - name - slug - createdAt - updatedAt - projectId additionalProperties: false required: - id - name - type - slug - orgId - createdAt - updatedAt - _id - environments - deletedEnvironments additionalProperties: false required: - projects additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}: get: operationId: getProjectById tags: - Projects description: Get project parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: project: type: object properties: id: type: string name: type: string description: type: string nullable: true type: type: string defaultProduct: type: string nullable: true slug: type: string autoCapitalization: type: boolean default: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time version: type: number default: 1 upgradeStatus: type: string nullable: true pitVersionLimit: type: number default: 10 kmsCertificateKeyId: type: string format: uuid nullable: true auditLogsRetentionDays: type: number nullable: true hasDeleteProtection: type: boolean default: false nullable: true secretSharing: type: boolean default: true showSnapshotsLegacy: type: boolean default: false secretDetectionIgnoreValues: type: array items: type: string nullable: true enforceEncryptedSecretManagerSecretMetadata: type: boolean nullable: true _id: type: string environments: type: array items: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false deletedEnvironments: type: array items: type: object properties: id: type: string name: type: string slug: type: string deleteAfter: type: string format: date-time softDeletedAt: type: string format: date-time deletedBy: anyOf: - type: object properties: type: type: string enum: - user id: type: string email: type: string nullable: true username: type: string nullable: true firstName: type: string nullable: true lastName: type: string nullable: true required: - type - id - email - username - firstName - lastName additionalProperties: false - type: object properties: type: type: string enum: - identity id: type: string name: type: string required: - type - id - name additionalProperties: false nullable: true required: - id - name - slug - deleteAfter - softDeletedAt - deletedBy additionalProperties: false required: - id - name - type - slug - orgId - createdAt - updatedAt - _id - environments - deletedEnvironments additionalProperties: false additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteProject tags: - Projects description: Delete project parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: project: type: object properties: id: type: string name: type: string description: type: string nullable: true type: type: string defaultProduct: type: string nullable: true slug: type: string autoCapitalization: type: boolean default: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time version: type: number default: 1 upgradeStatus: type: string nullable: true pitVersionLimit: type: number default: 10 kmsCertificateKeyId: type: string format: uuid nullable: true auditLogsRetentionDays: type: number nullable: true hasDeleteProtection: type: boolean default: false nullable: true secretSharing: type: boolean default: true showSnapshotsLegacy: type: boolean default: false secretDetectionIgnoreValues: type: array items: type: string nullable: true enforceEncryptedSecretManagerSecretMetadata: type: boolean nullable: true required: - id - name - type - slug - orgId - createdAt - updatedAt additionalProperties: false additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateProject tags: - Projects description: Update project requestBody: required: true content: application/json: schema: type: object properties: name: type: string maxLength: 64 description: The new name of the project. description: type: string maxLength: 1024 description: An optional description label for the project. autoCapitalization: type: boolean description: Disable or enable auto-capitalization for the project. hasDeleteProtection: type: boolean description: Enable or disable delete protection for the project. enforceEncryptedSecretManagerSecretMetadata: type: boolean description: Enable or disable enforcement of encrypted secret metadata for the project. slug: type: string maxLength: 64 description: An optional slug for the project. (must be unique within the organization) secretSharing: type: boolean description: Enable or disable secret sharing for the project. showSnapshotsLegacy: type: boolean description: Enable or disable legacy snapshots for the project. secretDetectionIgnoreValues: type: array items: type: string description: The list of secret values to ignore for secret detection. pitVersionLimit: type: number minimum: 1 maximum: 100 additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: project: type: object properties: id: type: string name: type: string description: type: string nullable: true type: type: string defaultProduct: type: string nullable: true slug: type: string autoCapitalization: type: boolean default: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time version: type: number default: 1 upgradeStatus: type: string nullable: true pitVersionLimit: type: number default: 10 kmsCertificateKeyId: type: string format: uuid nullable: true auditLogsRetentionDays: type: number nullable: true hasDeleteProtection: type: boolean default: false nullable: true secretSharing: type: boolean default: true showSnapshotsLegacy: type: boolean default: false secretDetectionIgnoreValues: type: array items: type: string nullable: true enforceEncryptedSecretManagerSecretMetadata: type: boolean nullable: true required: - id - name - type - slug - orgId - createdAt - updatedAt additionalProperties: false required: - project additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/slug/{slug}: get: operationId: getProjectBySlug tags: - Projects description: Get project details by slug parameters: - schema: type: string minLength: 1 maxLength: 64 in: path name: slug required: true description: The slug of the project to get. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string name: type: string description: type: string nullable: true type: type: string defaultProduct: type: string nullable: true slug: type: string autoCapitalization: type: boolean default: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time version: type: number default: 1 upgradeStatus: type: string nullable: true pitVersionLimit: type: number default: 10 kmsCertificateKeyId: type: string format: uuid nullable: true auditLogsRetentionDays: type: number nullable: true hasDeleteProtection: type: boolean default: false nullable: true secretSharing: type: boolean default: true showSnapshotsLegacy: type: boolean default: false secretDetectionIgnoreValues: type: array items: type: string nullable: true enforceEncryptedSecretManagerSecretMetadata: type: boolean nullable: true _id: type: string environments: type: array items: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false deletedEnvironments: type: array items: type: object properties: id: type: string name: type: string slug: type: string deleteAfter: type: string format: date-time softDeletedAt: type: string format: date-time deletedBy: anyOf: - type: object properties: type: type: string enum: - user id: type: string email: type: string nullable: true username: type: string nullable: true firstName: type: string nullable: true lastName: type: string nullable: true required: - type - id - email - username - firstName - lastName additionalProperties: false - type: object properties: type: type: string enum: - identity id: type: string name: type: string required: - type - id - name additionalProperties: false nullable: true required: - id - name - slug - deleteAfter - softDeletedAt - deletedBy additionalProperties: false required: - id - name - type - slug - orgId - createdAt - updatedAt - _id - environments - deletedEnvironments additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/integrations: get: operationId: listProjectIntegrations tags: - Integrations description: List integrations for a project. parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list integrations for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: integrations: type: array items: type: object properties: id: type: string format: uuid isActive: type: boolean url: type: string nullable: true app: type: string nullable: true appId: type: string nullable: true targetEnvironment: type: string nullable: true targetEnvironmentId: type: string nullable: true targetService: type: string nullable: true targetServiceId: type: string nullable: true owner: type: string nullable: true path: type: string nullable: true region: type: string nullable: true scope: type: string nullable: true integration: type: string metadata: nullable: true integrationAuthId: type: string format: uuid envId: type: string format: uuid secretPath: type: string default: / createdAt: type: string format: date-time updatedAt: type: string format: date-time lastUsed: type: string format: date-time nullable: true isSynced: type: boolean nullable: true syncMessage: type: string nullable: true lastSyncJobId: type: string nullable: true environment: type: object properties: id: type: string name: type: string slug: type: string required: - id - name - slug additionalProperties: false required: - id - isActive - integration - integrationAuthId - envId - createdAt - updatedAt - environment additionalProperties: false required: - integrations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/authorizations: get: operationId: listProjectIntegrationAuthorizations tags: - Integrations description: List integration auth objects for a project. parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list integration auths for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: authorizations: type: array items: type: object properties: id: type: string format: uuid projectId: type: string integration: type: string teamId: type: string nullable: true url: type: string nullable: true namespace: type: string nullable: true accountId: type: string nullable: true metadata: nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - integration - createdAt - updatedAt additionalProperties: false required: - authorizations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/cas: get: operationId: listProjectCertificateAuthorities tags: - PKI Certificate Authorities parameters: - schema: type: string enum: - active - pending-certificate in: query name: status required: false description: The status of the CA to filter by. - schema: type: string in: query name: friendlyName required: false description: The friendly name of the CA to filter by. - schema: type: string in: query name: commonName required: false description: The common name of the CA to filter by. - schema: type: number minimum: 0 maximum: 100 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th CA. - schema: type: number minimum: 1 maximum: 100 default: 25 in: query name: limit required: false description: The number of CAs to return. - schema: type: string in: path name: projectId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: cas: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string status: type: string enableDirectIssuance: type: boolean default: true name: type: string parentCaId: type: string format: uuid nullable: true type: type: string friendlyName: type: string organization: type: string ou: type: string country: type: string province: type: string locality: type: string commonName: type: string dn: type: string serialNumber: type: string nullable: true maxPathLength: type: number nullable: true keyAlgorithm: type: string activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string nullable: true disableManagedCrlDistributionPointUrl: type: boolean default: false requireTemplateForIssuance: type: boolean notAfter: type: string notBefore: type: string required: - id - createdAt - updatedAt - projectId - status - name - type - friendlyName - organization - ou - country - province - locality - commonName - dn - keyAlgorithm additionalProperties: false required: - cas additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/certificates/search: post: operationId: searchProjectCertificates tags: - PKI Certificates description: Search and filter certificates within a project. requestBody: required: true content: application/json: schema: type: object properties: friendlyName: type: string description: The friendly name of the certificate to filter by. commonName: type: string description: The common name of the certificate to filter by. offset: type: number minimum: 0 default: 0 description: The offset to start from. If you enter 10, it will start from the 10th certificate. limit: type: number minimum: 1 maximum: 100 default: 25 description: The number of certificates to return. forPkiSync: type: boolean default: false description: Retrieve only certificates available for PKI sync. search: type: string description: Search by SAN, CN, certificate ID, or serial number. status: type: string description: Filter by certificate status. profileIds: type: array items: type: string format: uuid description: Filter by certificate profile IDs. fromDate: type: string format: date-time description: Filter certificates created from this date. toDate: type: string format: date-time description: Filter certificates created until this date. metadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 required: - key additionalProperties: false description: Filter by metadata key-value pairs. Each entry should have a key (required) and optionally a value to match against. extendedKeyUsage: type: string description: Filter by extended key usage. Only certificates containing this EKU will be returned (e.g. 'codeSigning', 'serverAuth'). keyAlgorithm: anyOf: - type: string - type: array items: type: string description: Filter by key algorithm (e.g. 'RSA_2048', 'EC_prime256v1'). signatureAlgorithm: type: string description: Filter by signature algorithm (e.g. 'RSA-SHA256', 'ECDSA-SHA256'). keySizes: type: array items: type: number description: Filter by key sizes in bits (e.g. [2048, 4096]). caIds: type: array items: type: string format: uuid description: Filter by certificate authority IDs. enrollmentTypes: type: array items: type: string description: Filter by enrollment types (e.g. 'api', 'est', 'acme', 'scep'). source: anyOf: - type: string - type: array items: type: string description: Filter by certificate source ('issued', 'discovered', 'imported'). notAfterFrom: type: string format: date-time description: Filter certificates expiring on or after this date. notAfterTo: type: string format: date-time description: Filter certificates expiring on or before this date. notBeforeFrom: type: string format: date-time description: Filter certificates issued on or after this date. notBeforeTo: type: string format: date-time description: Filter certificates issued on or before this date. applicationId: type: string format: uuid description: Filter to certificates issued through a specific Application. applicationIds: type: array items: type: string format: uuid description: Filter to certificates issued through any of the supplied Applications. sortBy: type: string enum: - notAfter - notBefore - createdAt - commonName - keyAlgorithm - status description: Column to sort by (e.g. 'notAfter', 'notBefore', 'commonName'). sortOrder: type: string enum: - asc - desc description: 'Sort direction: ''asc'' or ''desc''.' additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificates: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time caId: type: string format: uuid nullable: true status: type: string serialNumber: type: string friendlyName: type: string commonName: type: string notBefore: type: string format: date-time notAfter: type: string format: date-time revokedAt: type: string format: date-time nullable: true revocationReason: type: number nullable: true altNames: type: string nullable: true caCertId: type: string format: uuid nullable: true certificateTemplateId: type: string format: uuid nullable: true keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true projectId: type: string pkiSubscriberId: type: string format: uuid nullable: true profileId: type: string format: uuid nullable: true renewBeforeDays: type: number nullable: true renewedFromCertificateId: type: string format: uuid nullable: true renewedByCertificateId: type: string format: uuid nullable: true renewalError: type: string nullable: true keyAlgorithm: type: string nullable: true signatureAlgorithm: type: string nullable: true subjectOrganization: type: string nullable: true subjectOrganizationalUnit: type: string nullable: true subjectCountry: type: string nullable: true subjectState: type: string nullable: true subjectLocality: type: string nullable: true fingerprintSha256: type: string nullable: true fingerprintSha1: type: string nullable: true isCA: type: boolean nullable: true pathLength: type: number nullable: true source: type: string nullable: true discoveryMetadata: nullable: true externalMetadata: nullable: true applicationId: type: string format: uuid nullable: true hasPrivateKey: type: boolean caName: type: string nullable: true profileName: type: string nullable: true enrollmentType: type: string nullable: true applicationName: type: string nullable: true required: - id - createdAt - updatedAt - status - serialNumber - friendlyName - commonName - notBefore - notAfter - projectId - hasPrivateKey additionalProperties: false totalCount: type: number required: - certificates - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/pki-alerts: get: operationId: listProjectPkiAlerts tags: - PKI Alerting parameters: - schema: type: string in: path name: projectId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: alerts: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string pkiCollectionId: type: string format: uuid name: type: string alertBeforeDays: type: number recipientEmails: type: string required: - id - createdAt - updatedAt - projectId - pkiCollectionId - name - alertBeforeDays - recipientEmails additionalProperties: false required: - alerts additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/pki-collections: get: operationId: listProjectPkiCollections tags: - PKI Certificate Collections parameters: - schema: type: string in: path name: projectId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: collections: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string name: type: string description: type: string required: - id - createdAt - updatedAt - projectId - name - description additionalProperties: false required: - collections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/pki-subscribers: get: operationId: listProjectPkiSubscribers tags: - PKI Subscribers parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list PKI subscribers for. responses: '200': description: Default Response content: application/json: schema: type: object properties: subscribers: type: array items: type: object properties: id: type: string format: uuid projectId: type: string caId: type: string format: uuid nullable: true name: type: string commonName: type: string status: type: string subjectAlternativeNames: type: array items: type: string ttl: type: string nullable: true keyUsages: type: array items: type: string extendedKeyUsages: type: array items: type: string lastOperationStatus: type: string nullable: true lastOperationMessage: type: string nullable: true lastOperationAt: type: string format: date-time nullable: true enableAutoRenewal: type: boolean default: false autoRenewalPeriodInDays: type: number nullable: true lastAutoRenewAt: type: string format: date-time nullable: true properties: nullable: true supportsImmediateCertIssuance: type: boolean required: - id - projectId - name - commonName - status - subjectAlternativeNames - keyUsages - extendedKeyUsages additionalProperties: false required: - subscribers additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/certificate-templates: get: operationId: listProjectCertificateTemplates tags: - PKI Certificate Templates parameters: - schema: type: string in: path name: projectId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateTemplates: type: array items: type: object properties: id: type: string format: uuid caId: type: string format: uuid name: type: string commonName: type: string subjectAlternativeName: type: string pkiCollectionId: type: string format: uuid nullable: true ttl: type: string keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true projectId: type: string caName: type: string required: - id - caId - name - commonName - subjectAlternativeName - ttl - projectId - caName additionalProperties: false required: - certificateTemplates additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/ssh-certificate-templates: get: operationId: listProjectSshCertificateTemplates tags: - SSH Certificate Templates parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list SSH certificate templates for. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateTemplates: type: array items: type: object properties: id: type: string format: uuid sshCaId: type: string format: uuid status: type: string name: type: string ttl: type: string maxTTL: type: string allowedUsers: type: array items: type: string allowedHosts: type: array items: type: string allowCustomKeyIds: type: boolean allowUserCertificates: type: boolean allowHostCertificates: type: boolean required: - id - sshCaId - status - name - ttl - maxTTL - allowedUsers - allowedHosts - allowCustomKeyIds - allowUserCertificates - allowHostCertificates additionalProperties: false required: - certificateTemplates additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/ssh-cas: get: operationId: listProjectSshCertificateAuthorities tags: - SSH Certificate Authorities parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list SSH CAs for. responses: '200': description: Default Response content: application/json: schema: type: object properties: cas: type: array items: type: object properties: id: type: string format: uuid projectId: type: string friendlyName: type: string status: type: string keyAlgorithm: type: string keySource: type: string required: - id - projectId - friendlyName - status - keyAlgorithm - keySource additionalProperties: false required: - cas additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/ssh-hosts: get: operationId: listProjectSshHosts tags: - SSH Hosts parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list SSH hosts for. responses: '200': description: Default Response content: application/json: schema: type: object properties: hosts: type: array items: type: object properties: id: type: string format: uuid projectId: type: string hostname: type: string alias: type: string nullable: true userCertTtl: type: string hostCertTtl: type: string userSshCaId: type: string format: uuid hostSshCaId: type: string format: uuid loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false source: type: string enum: - host - hostGroup required: - loginUser - allowedPrincipals - source additionalProperties: false required: - id - projectId - hostname - userCertTtl - hostCertTtl - userSshCaId - hostSshCaId - loginMappings additionalProperties: false required: - hosts additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/ssh-host-groups: get: operationId: listProjectSshHostGroups tags: - SSH Host Groups parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list SSH host groups for. responses: '200': description: Default Response content: application/json: schema: type: object properties: groups: type: array items: type: object properties: id: type: string format: uuid projectId: type: string name: type: string loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false required: - loginUser - allowedPrincipals additionalProperties: false hostCount: type: number required: - id - projectId - name - loginMappings - hostCount additionalProperties: false required: - groups additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/memberships: get: tags: - Project Users description: Return project user memberships parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to get memberships from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time userId: type: string format: uuid projectId: type: string user: type: object properties: username: type: string email: type: string nullable: true isEmailVerified: type: boolean default: false nullable: true firstName: type: string nullable: true lastName: type: string nullable: true authMethods: type: array items: type: string nullable: true id: type: string format: uuid publicKey: type: string nullable: true required: - username - id additionalProperties: false roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false required: - id - createdAt - userId - projectId - user - roles additionalProperties: false required: - memberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: inviteProjectMembers tags: - Project Users description: Invite members to project requestBody: required: true content: application/json: schema: type: object properties: emails: type: array items: type: string format: email default: [] description: A list of organization member emails to invite to the project. usernames: type: array items: type: string default: [] description: A list of usernames to invite to the project. roleSlugs: type: array items: type: string minItems: 1 description: A list of role slugs to assign to the newly created project membership. If nothing is provided, it will default to the Member role. additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to invite the member to. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time userId: type: string format: uuid projectId: type: string required: - id - createdAt - updatedAt - userId - projectId additionalProperties: false required: - memberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: removeProjectMembers tags: - Project Users description: Remove members from project requestBody: required: true content: application/json: schema: type: object properties: emails: type: array items: type: string format: email default: [] description: A list of organization member emails to remove from the project. usernames: type: array items: type: string default: [] description: A list of usernames to remove from the project. additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to remove the member from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time userId: type: string format: uuid projectId: type: string required: - id - createdAt - updatedAt - userId - projectId additionalProperties: false required: - memberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/memberships/details: post: operationId: getProjectMembershipByUsername tags: - Project Users description: Return project user memberships requestBody: required: true content: application/json: schema: type: object properties: username: type: string minLength: 1 description: The username to get project membership of. Email is the default username. required: - username additionalProperties: false parameters: - schema: type: string minLength: 1 in: path name: projectId required: true description: The ID of the project to get memberships from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: membership: type: object properties: id: type: string format: uuid userId: type: string format: uuid projectId: type: string user: type: object properties: username: type: string email: type: string nullable: true isEmailVerified: type: boolean default: false nullable: true firstName: type: string nullable: true lastName: type: string nullable: true authMethods: type: array items: type: string nullable: true id: type: string format: uuid publicKey: type: string nullable: true required: - username - id additionalProperties: false roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false required: - id - userId - projectId - user - roles additionalProperties: false required: - membership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/memberships/{membershipId}: patch: operationId: updateProjectMembership tags: - Project Users description: Update project user membership requestBody: required: true content: application/json: schema: type: object properties: roles: type: array items: anyOf: - type: object properties: role: type: string isTemporary: type: boolean enum: - false default: false required: - role additionalProperties: false - type: object properties: role: type: string isTemporary: type: boolean enum: - true temporaryMode: type: string enum: - relative temporaryRange: type: string temporaryAccessStartTime: type: string format: date-time required: - role - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false minItems: 1 description: A list of roles to update the membership to. required: - roles additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to update the membership for. - schema: type: string in: path name: membershipId required: true description: The ID of the membership to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: roles: type: array items: type: object properties: id: type: string format: uuid role: type: string projectMembershipId: type: string format: uuid customRoleId: type: string format: uuid nullable: true isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - role - projectMembershipId - createdAt - updatedAt additionalProperties: false required: - roles additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/identities: post: operationId: createProjectMachineIdentity tags: - Identities description: Create an identity in a project requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 description: The name of the identity to create. hasDeleteProtection: type: boolean default: false description: Prevents deletion of the identity when enabled. metadata: type: array items: type: object properties: key: type: string minLength: 1 value: type: string minLength: 1 required: - key - value additionalProperties: false description: An optional array of key-value pairs to attach to the identity. required: - name additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to create the identity in security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identity: type: object properties: id: type: string format: uuid name: type: string orgId: type: string format: uuid projectId: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time hasDeleteProtection: type: boolean default: false activeLockoutAuthMethods: type: array items: type: string authMethods: type: array items: type: string metadata: type: array items: type: object properties: key: type: string value: type: string id: type: string required: - key - value - id additionalProperties: false required: - id - name - orgId - createdAt - updatedAt additionalProperties: false required: - identity additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listProjectMachineIdentities tags: - Identities description: List identities in a project parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th identity. - schema: type: number minimum: 1 maximum: 1000 default: 20 in: query name: limit required: false description: The number of identities to return. - schema: type: string in: query name: search required: false description: The text string that identity names will be filtered by. - schema: type: string in: path name: projectId required: true description: The ID of the project security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identities: type: array items: type: object properties: id: type: string format: uuid name: type: string orgId: type: string format: uuid projectId: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time hasDeleteProtection: type: boolean default: false activeLockoutAuthMethods: type: array items: type: string authMethods: type: array items: type: string metadata: type: array items: type: object properties: key: type: string value: type: string id: type: string required: - key - value - id additionalProperties: false required: - id - name - orgId - createdAt - updatedAt additionalProperties: false totalCount: type: number required: - identities - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/identities/{identityId}: patch: operationId: updateProjectMachineIdentity tags: - Identities description: Update an identity in a project requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 description: The new name of the identity. hasDeleteProtection: type: boolean description: Prevents deletion of the identity when enabled. metadata: type: array items: type: object properties: key: type: string minLength: 1 value: type: string minLength: 1 required: - key - value additionalProperties: false description: An optional array of key-value pairs to attach to the identity. additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identity: type: object properties: id: type: string format: uuid name: type: string orgId: type: string format: uuid projectId: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time hasDeleteProtection: type: boolean default: false activeLockoutAuthMethods: type: array items: type: string authMethods: type: array items: type: string metadata: type: array items: type: object properties: key: type: string value: type: string id: type: string required: - key - value - id additionalProperties: false required: - id - name - orgId - createdAt - updatedAt additionalProperties: false required: - identity additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteProjectMachineIdentity tags: - Identities description: Delete an identity from a project parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identity: type: object properties: id: type: string format: uuid name: type: string orgId: type: string format: uuid projectId: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time hasDeleteProtection: type: boolean default: false activeLockoutAuthMethods: type: array items: type: string authMethods: type: array items: type: string metadata: type: array items: type: object properties: key: type: string value: type: string id: type: string required: - key - value - id additionalProperties: false required: - id - name - orgId - createdAt - updatedAt additionalProperties: false required: - identity additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getProjectMachineIdentityById tags: - Identities description: Get an identity by ID in a project parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to get details. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identity: type: object properties: id: type: string format: uuid name: type: string orgId: type: string format: uuid projectId: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time hasDeleteProtection: type: boolean default: false activeLockoutAuthMethods: type: array items: type: string authMethods: type: array items: type: string metadata: type: array items: type: object properties: key: type: string value: type: string id: type: string required: - key - value - id additionalProperties: false required: - id - name - orgId - createdAt - updatedAt additionalProperties: false required: - identity additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/environments/{envId}: get: operationId: getEnvironmentById tags: - Environments description: Get Environment by ID parameters: - schema: type: string in: path name: envId required: true description: The ID of the environment to fetch. - schema: type: string in: path name: projectId required: true description: The ID of the project the environment belongs to. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: environment: type: object properties: id: type: string format: uuid name: type: string slug: type: string position: type: number projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time deleteAfter: type: string format: date-time nullable: true softDeletedAt: type: string format: date-time nullable: true deletedByUserId: type: string format: uuid nullable: true deletedByIdentityId: type: string format: uuid nullable: true required: - id - name - slug - position - projectId - createdAt - updatedAt additionalProperties: false required: - environment additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/environments: post: operationId: createEnvironment tags: - Environments description: Create environment requestBody: required: true content: application/json: schema: type: object properties: name: type: string description: The name of the environment to create. position: type: number minimum: 1 description: The position of the environment. The lowest number will be displayed as the first environment. slug: type: string minLength: 1 maxLength: 64 description: The slug of the environment to create. required: - name - slug additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to create the environment in. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string projectId: type: string environment: type: object properties: id: type: string format: uuid name: type: string slug: type: string position: type: number projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time deleteAfter: type: string format: date-time nullable: true softDeletedAt: type: string format: date-time nullable: true deletedByUserId: type: string format: uuid nullable: true deletedByIdentityId: type: string format: uuid nullable: true required: - id - name - slug - position - projectId - createdAt - updatedAt additionalProperties: false required: - message - projectId - environment additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/environments/{id}: patch: operationId: updateEnvironment tags: - Environments description: Update environment requestBody: required: true content: application/json: schema: type: object properties: slug: type: string minLength: 1 maxLength: 64 description: The new slug of the environment. name: type: string description: The new name of the environment. position: type: number description: The new position of the environment. The lowest number will be displayed as the first environment. additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to update the environment in. - schema: type: string in: path name: id required: true description: The ID of the environment to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string projectId: type: string environment: type: object properties: id: type: string format: uuid name: type: string slug: type: string position: type: number projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time deleteAfter: type: string format: date-time nullable: true softDeletedAt: type: string format: date-time nullable: true deletedByUserId: type: string format: uuid nullable: true deletedByIdentityId: type: string format: uuid nullable: true required: - id - name - slug - position - projectId - createdAt - updatedAt additionalProperties: false required: - message - projectId - environment additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteEnvironment tags: - Environments description: Delete environment parameters: - schema: type: string enum: - 'true' - 'false' in: query name: hardDelete required: false description: When true, permanently removes the environment. When false or omitted, the environment is soft-deleted (preserved and scheduled for permanent deletion after a grace period) and hidden from subsequent reads. - schema: type: string in: path name: projectId required: true description: The ID of the project to delete the environment from. - schema: type: string in: path name: id required: true description: The ID of the environment to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string projectId: type: string environment: type: object properties: id: type: string format: uuid name: type: string slug: type: string position: type: number projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time deleteAfter: type: string format: date-time nullable: true softDeletedAt: type: string format: date-time nullable: true deletedByUserId: type: string format: uuid nullable: true deletedByIdentityId: type: string format: uuid nullable: true required: - id - name - slug - position - projectId - createdAt - updatedAt additionalProperties: false required: - message - projectId - environment additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/environments/{id}/restore: post: operationId: restoreEnvironment tags: - Environments description: Restore a soft-deleted environment parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project the environment belongs to. - schema: type: string in: path name: id required: true description: The ID of the soft-deleted environment to restore. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string projectId: type: string environment: type: object properties: id: type: string format: uuid name: type: string slug: type: string position: type: number projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time deleteAfter: type: string format: date-time nullable: true softDeletedAt: type: string format: date-time nullable: true deletedByUserId: type: string format: uuid nullable: true deletedByIdentityId: type: string format: uuid nullable: true required: - id - name - slug - position - projectId - createdAt - updatedAt additionalProperties: false required: - message - projectId - environment additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/tags: get: operationId: listSecretTags tags: - Folders parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list tags from. responses: '200': description: Default Response content: application/json: schema: type: object properties: tags: type: array items: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time createdBy: type: string format: uuid nullable: true projectId: type: string createdByActorType: type: string default: user required: - id - slug - createdAt - updatedAt - projectId additionalProperties: false required: - tags additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createSecretTag tags: - Folders requestBody: required: true content: application/json: schema: type: object properties: slug: type: string minLength: 1 maxLength: 64 description: The slug of the tag to create. color: type: string description: The color of the tag to create. required: - slug - color additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to create the tag in. responses: '200': description: Default Response content: application/json: schema: type: object properties: tag: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time createdBy: type: string format: uuid nullable: true projectId: type: string createdByActorType: type: string default: user required: - id - slug - createdAt - updatedAt - projectId additionalProperties: false required: - tag additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/tags/{tagId}: get: operationId: getSecretTagById tags: - Folders parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to get tags from. - schema: type: string in: path name: tagId required: true description: The ID of the tag to get details. responses: '200': description: Default Response content: application/json: schema: type: object properties: tag: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time createdBy: type: string format: uuid nullable: true projectId: type: string createdByActorType: type: string default: user name: type: string required: - id - slug - createdAt - updatedAt - projectId - name additionalProperties: false required: - tag additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateSecretTag tags: - Folders requestBody: required: true content: application/json: schema: type: object properties: slug: type: string minLength: 1 maxLength: 64 description: The slug of the tag to update. color: type: string description: The color of the tag to update. required: - slug - color additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to update the tag in. - schema: type: string in: path name: tagId required: true description: The ID of the tag to get details. responses: '200': description: Default Response content: application/json: schema: type: object properties: tag: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time createdBy: type: string format: uuid nullable: true projectId: type: string createdByActorType: type: string default: user required: - id - slug - createdAt - updatedAt - projectId additionalProperties: false required: - tag additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteSecretTag tags: - Folders parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to delete the tag from. - schema: type: string in: path name: tagId required: true description: The ID of the tag to delete. responses: '200': description: Default Response content: application/json: schema: type: object properties: tag: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time createdBy: type: string format: uuid nullable: true projectId: type: string createdByActorType: type: string default: user required: - id - slug - createdAt - updatedAt - projectId additionalProperties: false required: - tag additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/tags/slug/{tagSlug}: get: operationId: getSecretTagBySlug tags: - Folders parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to get tags from. - schema: type: string in: path name: tagSlug required: true description: The slug of the tag to get details. responses: '200': description: Default Response content: application/json: schema: type: object properties: tag: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time createdBy: type: string format: uuid nullable: true projectId: type: string createdByActorType: type: string default: user name: type: string required: - id - slug - createdAt - updatedAt - projectId - name additionalProperties: false required: - tag additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/secret-validation-rules: get: parameters: - schema: type: string in: path name: projectId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: rules: type: array items: allOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true projectId: type: string envId: type: string format: uuid nullable: true secretPath: type: string isActive: type: boolean default: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - projectId - secretPath - createdAt - updatedAt - anyOf: - type: object properties: type: type: string enum: - static-secrets inputs: type: object properties: constraints: type: array items: type: object properties: type: type: string enum: - min-length - max-length - regex-pattern - required-prefix - required-suffix - prevent-value-reuse appliesTo: type: string enum: - key - value - password value: type: string required: - type - appliesTo - value additionalProperties: false minItems: 1 required: - constraints additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - dynamic-secrets inputs: type: object properties: providers: type: array items: type: string enum: - sql-database - milvus minItems: 1 constraints: type: array items: type: object properties: type: type: string enum: - min-length - max-length - regex-pattern - required-prefix - required-suffix - prevent-value-reuse appliesTo: type: string enum: - key - value - password value: type: string required: - type - appliesTo - value additionalProperties: false minItems: 1 required: - providers - constraints additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - secret-rotations inputs: type: object properties: providers: type: array items: type: string enum: - postgres-credentials minItems: 1 constraints: type: array items: type: object properties: type: type: string enum: - min-length - max-length - regex-pattern - required-prefix - required-suffix - prevent-value-reuse appliesTo: type: string enum: - key - value - password value: type: string required: - type - appliesTo - value additionalProperties: false minItems: 1 required: - providers - constraints additionalProperties: false required: - type - inputs additionalProperties: false required: - rules additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 100 description: type: string maxLength: 500 nullable: true environmentSlug: type: string minLength: 1 secretPath: type: string minLength: 1 rule: anyOf: - type: object properties: type: type: string enum: - static-secrets inputs: type: object properties: constraints: type: array items: type: object properties: type: type: string enum: - min-length - max-length - regex-pattern - required-prefix - required-suffix - prevent-value-reuse appliesTo: type: string enum: - key - value - password value: type: string required: - type - appliesTo - value additionalProperties: false minItems: 1 required: - constraints additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - dynamic-secrets inputs: type: object properties: providers: type: array items: type: string enum: - sql-database - milvus minItems: 1 constraints: type: array items: type: object properties: type: type: string enum: - min-length - max-length - regex-pattern - required-prefix - required-suffix - prevent-value-reuse appliesTo: type: string enum: - key - value - password value: type: string required: - type - appliesTo - value additionalProperties: false minItems: 1 required: - providers - constraints additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - secret-rotations inputs: type: object properties: providers: type: array items: type: string enum: - postgres-credentials minItems: 1 constraints: type: array items: type: object properties: type: type: string enum: - min-length - max-length - regex-pattern - required-prefix - required-suffix - prevent-value-reuse appliesTo: type: string enum: - key - value - password value: type: string required: - type - appliesTo - value additionalProperties: false minItems: 1 required: - providers - constraints additionalProperties: false required: - type - inputs additionalProperties: false required: - name - secretPath - rule additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: rule: allOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true projectId: type: string envId: type: string format: uuid nullable: true secretPath: type: string isActive: type: boolean default: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - projectId - secretPath - createdAt - updatedAt - anyOf: - type: object properties: type: type: string enum: - static-secrets inputs: type: object properties: constraints: type: array items: type: object properties: type: type: string enum: - min-length - max-length - regex-pattern - required-prefix - required-suffix - prevent-value-reuse appliesTo: type: string enum: - key - value - password value: type: string required: - type - appliesTo - value additionalProperties: false minItems: 1 required: - constraints additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - dynamic-secrets inputs: type: object properties: providers: type: array items: type: string enum: - sql-database - milvus minItems: 1 constraints: type: array items: type: object properties: type: type: string enum: - min-length - max-length - regex-pattern - required-prefix - required-suffix - prevent-value-reuse appliesTo: type: string enum: - key - value - password value: type: string required: - type - appliesTo - value additionalProperties: false minItems: 1 required: - providers - constraints additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - secret-rotations inputs: type: object properties: providers: type: array items: type: string enum: - postgres-credentials minItems: 1 constraints: type: array items: type: object properties: type: type: string enum: - min-length - max-length - regex-pattern - required-prefix - required-suffix - prevent-value-reuse appliesTo: type: string enum: - key - value - password value: type: string required: - type - appliesTo - value additionalProperties: false minItems: 1 required: - providers - constraints additionalProperties: false required: - type - inputs additionalProperties: false required: - rule additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/secret-validation-rules/{ruleId}: patch: requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 100 description: type: string maxLength: 500 nullable: true environmentSlug: type: string minLength: 1 nullable: true secretPath: type: string minLength: 1 type: type: string enum: - static-secrets - dynamic-secrets - secret-rotations inputs: type: object properties: {} additionalProperties: true isActive: type: boolean additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true - schema: type: string format: uuid in: path name: ruleId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: rule: allOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true projectId: type: string envId: type: string format: uuid nullable: true secretPath: type: string isActive: type: boolean default: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - projectId - secretPath - createdAt - updatedAt - anyOf: - type: object properties: type: type: string enum: - static-secrets inputs: type: object properties: constraints: type: array items: type: object properties: type: type: string enum: - min-length - max-length - regex-pattern - required-prefix - required-suffix - prevent-value-reuse appliesTo: type: string enum: - key - value - password value: type: string required: - type - appliesTo - value additionalProperties: false minItems: 1 required: - constraints additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - dynamic-secrets inputs: type: object properties: providers: type: array items: type: string enum: - sql-database - milvus minItems: 1 constraints: type: array items: type: object properties: type: type: string enum: - min-length - max-length - regex-pattern - required-prefix - required-suffix - prevent-value-reuse appliesTo: type: string enum: - key - value - password value: type: string required: - type - appliesTo - value additionalProperties: false minItems: 1 required: - providers - constraints additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - secret-rotations inputs: type: object properties: providers: type: array items: type: string enum: - postgres-credentials minItems: 1 constraints: type: array items: type: object properties: type: type: string enum: - min-length - max-length - regex-pattern - required-prefix - required-suffix - prevent-value-reuse appliesTo: type: string enum: - key - value - password value: type: string required: - type - appliesTo - value additionalProperties: false minItems: 1 required: - providers - constraints additionalProperties: false required: - type - inputs additionalProperties: false required: - rule additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: parameters: - schema: type: string in: path name: projectId required: true - schema: type: string format: uuid in: path name: ruleId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: rule: allOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true projectId: type: string envId: type: string format: uuid nullable: true secretPath: type: string isActive: type: boolean default: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - projectId - secretPath - createdAt - updatedAt - anyOf: - type: object properties: type: type: string enum: - static-secrets inputs: type: object properties: constraints: type: array items: type: object properties: type: type: string enum: - min-length - max-length - regex-pattern - required-prefix - required-suffix - prevent-value-reuse appliesTo: type: string enum: - key - value - password value: type: string required: - type - appliesTo - value additionalProperties: false minItems: 1 required: - constraints additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - dynamic-secrets inputs: type: object properties: providers: type: array items: type: string enum: - sql-database - milvus minItems: 1 constraints: type: array items: type: object properties: type: type: string enum: - min-length - max-length - regex-pattern - required-prefix - required-suffix - prevent-value-reuse appliesTo: type: string enum: - key - value - password value: type: string required: - type - appliesTo - value additionalProperties: false minItems: 1 required: - providers - constraints additionalProperties: false required: - type - inputs additionalProperties: false - type: object properties: type: type: string enum: - secret-rotations inputs: type: object properties: providers: type: array items: type: string enum: - postgres-credentials minItems: 1 constraints: type: array items: type: object properties: type: type: string enum: - min-length - max-length - regex-pattern - required-prefix - required-suffix - prevent-value-reuse appliesTo: type: string enum: - key - value - password value: type: string required: - type - appliesTo - value additionalProperties: false minItems: 1 required: - providers - constraints additionalProperties: false required: - type - inputs additionalProperties: false required: - rule additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/groups/{groupIdOrName}: post: operationId: addGroupToProject tags: - Project Groups description: 'Deprecated: Use POST /api/v1/projects/:projectId/memberships/groups/:groupId instead. Add group to project.' requestBody: required: true content: application/json: schema: type: object properties: role: type: string minLength: 1 default: no-access description: The role for the group to assume in the project. roles: type: array items: anyOf: - type: object properties: role: type: string isTemporary: type: boolean enum: - false default: false required: - role additionalProperties: false - type: object properties: role: type: string isTemporary: type: boolean enum: - true temporaryMode: type: string enum: - relative temporaryRange: type: string temporaryAccessStartTime: type: string format: date-time required: - role - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to add the group to. - schema: type: string in: path name: groupIdOrName required: true description: The ID or name of the group to add to the project. deprecated: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMembership: type: object properties: id: type: string format: uuid projectId: type: string groupId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - groupId - createdAt - updatedAt additionalProperties: false required: - groupMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/groups/{groupId}: patch: operationId: updateProjectGroup tags: - Project Groups description: 'Deprecated: Use PATCH /api/v1/projects/:projectId/memberships/groups/:groupId instead. Update group in project.' requestBody: required: true content: application/json: schema: type: object properties: roles: type: array items: anyOf: - type: object properties: role: type: string isTemporary: type: boolean enum: - false default: false required: - role additionalProperties: false - type: object properties: role: type: string isTemporary: type: boolean enum: - true temporaryMode: type: string enum: - relative temporaryRange: type: string temporaryAccessStartTime: type: string format: date-time required: - role - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false minItems: 1 description: A list of roles to update the group to. required: - roles additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to update the group in. - schema: type: string in: path name: groupId required: true description: The ID of the group to update in the project. deprecated: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: roles: type: array items: type: object properties: id: type: string format: uuid role: type: string projectMembershipId: type: string format: uuid customRoleId: type: string format: uuid nullable: true isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - role - projectMembershipId - createdAt - updatedAt additionalProperties: false required: - roles additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: removeGroupFromProject tags: - Project Groups description: 'Deprecated: Use DELETE /api/v1/projects/:projectId/memberships/groups/:groupId instead. Remove group from project.' parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to delete the group from. - schema: type: string in: path name: groupId required: true description: The ID of the group to delete from the project. deprecated: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMembership: type: object properties: id: type: string format: uuid projectId: type: string groupId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - groupId - createdAt - updatedAt additionalProperties: false required: - groupMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getProjectGroup tags: - Project Groups description: 'Deprecated: Use GET /api/v1/projects/:projectId/memberships/groups/:groupId instead. Return project group.' parameters: - schema: type: string in: path name: projectId required: true - schema: type: string in: path name: groupId required: true deprecated: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMembership: type: object properties: id: type: string groupId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false group: type: object properties: name: type: string id: type: string format: uuid slug: type: string required: - name - id - slug additionalProperties: false required: - id - groupId - createdAt - updatedAt - roles - group additionalProperties: false required: - groupMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/groups: get: operationId: listProjectGroups tags: - Project Groups description: 'Deprecated: Use GET /api/v1/projects/:projectId/memberships/groups instead. Return list of groups in project.' parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list groups for. deprecated: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMemberships: type: array items: type: object properties: id: type: string groupId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false group: type: object properties: id: type: string format: uuid name: type: string slug: type: string orgId: type: string format: uuid required: - id - name - slug additionalProperties: false required: - id - groupId - createdAt - updatedAt - roles - group additionalProperties: false required: - groupMemberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/identity-memberships/{identityId}: post: tags: - Project Identities description: Create project identity membership requestBody: required: true content: application/json: schema: type: object properties: role: type: string default: no-access roles: type: array items: anyOf: - type: object properties: role: type: string description: The role slug to assign to the newly created identity project membership. isTemporary: type: boolean enum: - false default: false description: The role slug to assign to the newly created identity project membership. required: - role additionalProperties: false - type: object properties: role: type: string description: The role slug to assign to the newly created identity project membership. isTemporary: type: boolean enum: - true description: The role slug to assign to the newly created identity project membership. temporaryMode: type: string enum: - relative description: The role slug to assign to the newly created identity project membership. temporaryRange: type: string description: The role slug to assign to the newly created identity project membership. temporaryAccessStartTime: type: string format: date-time description: The role slug to assign to the newly created identity project membership. required: - role - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false description: A list of role slugs to assign to the newly created identity project membership. additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true - schema: type: string in: path name: identityId required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityMembership: type: object properties: id: type: string format: uuid projectId: type: string identityId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - identityId - createdAt - updatedAt additionalProperties: false required: - identityMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - Project Identities description: Update project identity memberships requestBody: required: true content: application/json: schema: type: object properties: roles: type: array items: anyOf: - type: object properties: role: type: string description: The role slug to assign to the newly created identity project membership. isTemporary: type: boolean enum: - false default: false description: Whether the assigned role is temporary. If isTemporary is set true, must provide temporaryMode, temporaryRange and temporaryAccessStartTime. required: - role additionalProperties: false - type: object properties: role: type: string description: The role slug to assign to the newly created identity project membership. isTemporary: type: boolean enum: - true description: Whether the assigned role is temporary. If isTemporary is set true, must provide temporaryMode, temporaryRange and temporaryAccessStartTime. temporaryMode: type: string enum: - relative description: Type of temporary expiry. temporaryRange: type: string description: Expiry time for temporary access. In relative mode it could be 1s, 2m ,3h, etc. temporaryAccessStartTime: type: string format: date-time description: Time to which the temporary access starts. required: - role - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false minItems: 1 description: A list of role slugs to assign to the identity project membership. required: - roles additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to update the identity membership for. - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update the membership for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: roles: type: array items: type: object properties: id: type: string format: uuid role: type: string projectMembershipId: type: string format: uuid customRoleId: type: string format: uuid nullable: true isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - role - projectMembershipId - createdAt - updatedAt additionalProperties: false required: - roles additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - Project Identities description: Delete project identity memberships parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to delete the identity membership from. - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to delete the membership from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityMembership: type: object properties: id: type: string format: uuid projectId: type: string identityId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - identityId - createdAt - updatedAt additionalProperties: false required: - identityMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: tags: - Project Identities description: Return project identity membership parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to get the identity membership for. - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to get the membership for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityMembership: type: object properties: id: type: string identityId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false lastLoginAuthMethod: type: string nullable: true lastLoginTime: type: string format: date-time nullable: true identity: type: object properties: name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string format: uuid authMethods: type: array items: type: string required: - name - id - orgId - authMethods additionalProperties: false project: type: object properties: name: type: string id: type: string required: - name - id additionalProperties: false required: - id - identityId - createdAt - updatedAt - roles - identity - project additionalProperties: false required: - identityMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/identity-memberships: get: tags: - Project Identities description: Return project identity memberships parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th identity membership. - schema: type: number minimum: 1 maximum: 20000 default: 100 in: query name: limit required: false description: The number of identity memberships to return. - schema: type: string enum: - name default: name in: query name: orderBy required: false description: The column to order identity memberships by. - schema: type: string enum: - asc - desc default: asc in: query name: orderDirection required: false description: The direction identity memberships will be sorted in. - schema: type: string in: query name: search required: false description: The text string that identity membership names will be filtered by. - schema: type: string in: path name: projectId required: true description: The ID of the project to get identity memberships from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityMemberships: type: array items: type: object properties: id: type: string identityId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false identity: type: object properties: name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string format: uuid authMethods: type: array items: type: string required: - name - id - orgId - authMethods additionalProperties: false project: type: object properties: name: type: string id: type: string required: - name - id additionalProperties: false required: - id - identityId - createdAt - updatedAt - roles - identity - project additionalProperties: false totalCount: type: number required: - identityMemberships - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/identity-memberships/{identityMembershipId}: get: tags: - Project Identities parameters: - schema: type: string in: path name: identityMembershipId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: identityMembership: type: object properties: id: type: string identityId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false identity: type: object properties: name: type: string id: type: string format: uuid authMethods: type: array items: type: string required: - name - id - authMethods additionalProperties: false project: type: object properties: name: type: string id: type: string required: - name - id additionalProperties: false required: - id - identityId - createdAt - updatedAt - roles - identity - project additionalProperties: false required: - identityMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/memberships/identities/{identityId}: post: operationId: createProjectIdentityMembership tags: - Project Identities description: Create project identity membership requestBody: required: true content: application/json: schema: type: object properties: role: type: string default: no-access roles: type: array items: anyOf: - type: object properties: role: type: string description: The role slug to assign to the newly created identity project membership. isTemporary: type: boolean enum: - false default: false description: The role slug to assign to the newly created identity project membership. required: - role additionalProperties: false - type: object properties: role: type: string description: The role slug to assign to the newly created identity project membership. isTemporary: type: boolean enum: - true description: The role slug to assign to the newly created identity project membership. temporaryMode: type: string enum: - relative description: The role slug to assign to the newly created identity project membership. temporaryRange: type: string description: The role slug to assign to the newly created identity project membership. temporaryAccessStartTime: type: string format: date-time description: The role slug to assign to the newly created identity project membership. required: - role - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false description: A list of role slugs to assign to the newly created identity project membership. additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true - schema: type: string in: path name: identityId required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityMembership: type: object properties: id: type: string format: uuid projectId: type: string identityId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - identityId - createdAt - updatedAt additionalProperties: false required: - identityMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateProjectIdentityMembership tags: - Project Identities description: Update project identity memberships requestBody: required: true content: application/json: schema: type: object properties: roles: type: array items: anyOf: - type: object properties: role: type: string description: The role slug to assign to the newly created identity project membership. isTemporary: type: boolean enum: - false default: false description: Whether the assigned role is temporary. If isTemporary is set true, must provide temporaryMode, temporaryRange and temporaryAccessStartTime. required: - role additionalProperties: false - type: object properties: role: type: string description: The role slug to assign to the newly created identity project membership. isTemporary: type: boolean enum: - true description: Whether the assigned role is temporary. If isTemporary is set true, must provide temporaryMode, temporaryRange and temporaryAccessStartTime. temporaryMode: type: string enum: - relative description: Type of temporary expiry. temporaryRange: type: string description: Expiry time for temporary access. In relative mode it could be 1s, 2m ,3h, etc. temporaryAccessStartTime: type: string format: date-time description: Time to which the temporary access starts. required: - role - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false minItems: 1 description: A list of role slugs to assign to the identity project membership. required: - roles additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to update the identity membership for. - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update the membership for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityMembership: type: object properties: id: type: string format: uuid projectId: type: string identityId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - identityId - createdAt - updatedAt additionalProperties: false required: - identityMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteProjectIdentityMembership tags: - Project Identities description: Delete project identity memberships parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to delete the identity membership from. - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to delete the membership from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityMembership: type: object properties: id: type: string format: uuid projectId: type: string identityId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - identityId - createdAt - updatedAt additionalProperties: false required: - identityMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getProjectIdentityMembershipById tags: - Project Identity Membership description: Get project identity membership by identity ID parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to get the identity membership for. - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to get the membership for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityMembership: type: object properties: id: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false lastLoginAuthMethod: type: string nullable: true lastLoginTime: type: string format: date-time nullable: true identity: type: object properties: name: type: string id: type: string format: uuid orgId: type: string format: uuid projectId: type: string nullable: true authMethods: type: array items: type: string metadata: type: array items: type: object properties: id: type: string minLength: 1 key: type: string minLength: 1 value: type: string minLength: 1 required: - id - key - value additionalProperties: false required: - name - id - orgId - authMethods additionalProperties: false required: - id - createdAt - updatedAt - roles - identity additionalProperties: false required: - identityMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/memberships/identities: get: operationId: listProjectIdentityMemberships tags: - Project Identity Membership description: List project identity memberships parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th identity membership. - schema: type: number minimum: 1 maximum: 1000 default: 20 in: query name: limit required: false description: The number of identity memberships to return. - schema: type: string in: query name: identityName required: false description: The text string that identity membership names will be filtered by. - schema: type: string in: query name: roles required: false description: The role slugs to filter identity memberships by. - schema: type: string in: path name: projectId required: true description: The ID of the project to list identity memberships from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityMemberships: type: array items: type: object properties: id: type: string identityId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false identity: type: object properties: name: type: string id: type: string format: uuid orgId: type: string format: uuid projectId: type: string nullable: true authMethods: type: array items: type: string activeLockoutAuthMethods: type: array items: type: string required: - name - id - orgId - authMethods - activeLockoutAuthMethods additionalProperties: false required: - id - identityId - createdAt - updatedAt - roles - identity additionalProperties: false totalCount: type: number required: - identityMemberships - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/memberships/available-identities: get: operationId: listAvailableProjectIdentities tags: - Project Identity Membership description: List available identities for project membership parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th identity. - schema: type: number minimum: 1 maximum: 1000 default: 20 in: query name: limit required: false description: The number of identities to return. - schema: type: string in: query name: identityName required: false description: The text string that identity membership names will be filtered by. - schema: type: string in: path name: projectId required: true description: The ID of the project to list available identities for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identities: type: array items: type: object properties: id: type: string format: uuid name: type: string required: - id - name additionalProperties: false required: - identities additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/memberships/groups: get: operationId: listProjectGroupMemberships tags: - Project Groups description: List project group memberships. parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list groups for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMemberships: type: array items: type: object properties: id: type: string format: uuid groupId: type: string format: uuid projectId: type: string format: uuid group: type: object properties: id: type: string format: uuid name: type: string slug: type: string orgId: type: string format: uuid required: - id - name - slug additionalProperties: false roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - role - isTemporary additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - groupId - projectId - group - roles - createdAt - updatedAt additionalProperties: false required: - groupMemberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/projects/{projectId}/memberships/groups/{groupId}: post: operationId: createProjectGroupMembership tags: - Project Groups description: Add a group from the organization to the project by creating a project group membership. requestBody: required: true content: application/json: schema: type: object properties: role: type: string minLength: 1 default: no-access roles: type: array items: anyOf: - type: object properties: role: type: string isTemporary: type: boolean enum: - false default: false required: - role additionalProperties: false - type: object properties: role: type: string isTemporary: type: boolean enum: - true temporaryMode: type: string enum: - relative temporaryRange: type: string temporaryAccessStartTime: type: string format: date-time required: - role - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true - schema: type: string format: uuid in: path name: groupId required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMembership: type: object properties: id: type: string format: uuid groupId: type: string format: uuid projectId: type: string format: uuid group: type: object properties: id: type: string format: uuid name: type: string slug: type: string orgId: type: string format: uuid required: - id - name - slug additionalProperties: false roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - role - isTemporary additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - groupId - projectId - group - roles - createdAt - updatedAt additionalProperties: false required: - groupMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getProjectGroupMembership tags: - Project Groups description: Get project group membership by group ID. parameters: - schema: type: string in: path name: projectId required: true - schema: type: string format: uuid in: path name: groupId required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMembership: type: object properties: id: type: string format: uuid groupId: type: string format: uuid projectId: type: string format: uuid group: type: object properties: id: type: string format: uuid name: type: string slug: type: string orgId: type: string format: uuid required: - id - name - slug additionalProperties: false roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - role - isTemporary additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - groupId - projectId - group - roles - createdAt - updatedAt additionalProperties: false required: - groupMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateProjectGroupMembership tags: - Project Groups description: Update project group membership roles. requestBody: required: true content: application/json: schema: type: object properties: roles: type: array items: anyOf: - type: object properties: role: type: string isTemporary: type: boolean enum: - false default: false required: - role additionalProperties: false - type: object properties: role: type: string isTemporary: type: boolean enum: - true temporaryMode: type: string enum: - relative temporaryRange: type: string temporaryAccessStartTime: type: string format: date-time required: - role - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false minItems: 1 description: A list of roles to update the group to. required: - roles additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true - schema: type: string format: uuid in: path name: groupId required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: roles: type: array items: type: object properties: id: type: string format: uuid role: type: string projectMembershipId: type: string format: uuid customRoleId: type: string format: uuid nullable: true isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - role - projectMembershipId - createdAt - updatedAt additionalProperties: false required: - roles additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: removeProjectGroupMembership tags: - Project Groups description: Remove group from project. parameters: - schema: type: string in: path name: projectId required: true - schema: type: string format: uuid in: path name: groupId required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMembership: type: object properties: id: type: string format: uuid groupId: type: string format: uuid projectId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - groupId - projectId - createdAt - updatedAt additionalProperties: false required: - groupMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/internal: get: operationId: listInternalCertificateAuthoritiesV1 tags: - PKI Certificate Authorities responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - internal configuration: type: object properties: type: type: string enum: - root - intermediate description: The type of CA to create. friendlyName: type: string description: A friendly name for the CA. commonName: type: string default: '' description: The common name (CN) for the CA. organization: type: string default: '' description: The organization (O) for the CA. ou: type: string default: '' description: The organization unit (OU) for the CA. country: type: string default: '' description: The country name (C) for the CA. province: type: string default: '' description: The state of province name for the CA. locality: type: string default: '' description: The locality name for the CA. notBefore: type: string description: The date and time when the CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 nullable: true description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s description: The type of public key algorithm and size, in bits, of the key pair for the CA; when you create an intermediate CA, you must use a key algorithm supported by the parent CA. dn: type: string nullable: true parentCaId: type: string format: uuid nullable: true serialNumber: type: string nullable: true activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string maxLength: 2048 format: uri maxItems: 4 description: Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is included by default unless disabled. disableManagedCrlDistributionPointUrl: type: boolean default: false description: When set to true, the Infisical-managed CRL endpoint URL will not be embedded in certificates issued by this CA. Only custom CRL Distribution Point URLs (if any) will be included. required: - type - keyAlgorithm additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createInternalCertificateAuthorityV1 tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Internal Certificate Authority to create. Must be slug-friendly. status: type: string enum: - active - disabled - pending-certificate description: The status of the Internal Certificate Authority. configuration: type: object properties: type: type: string enum: - root - intermediate description: The type of CA to create. friendlyName: type: string description: A friendly name for the CA. commonName: type: string default: '' description: The common name (CN) for the CA. organization: type: string default: '' description: The organization (O) for the CA. ou: type: string default: '' description: The organization unit (OU) for the CA. country: type: string default: '' description: The country name (C) for the CA. province: type: string default: '' description: The state of province name for the CA. locality: type: string default: '' description: The locality name for the CA. notBefore: type: string description: The date and time when the CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 nullable: true description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s description: The type of public key algorithm and size, in bits, of the key pair for the CA; when you create an intermediate CA, you must use a key algorithm supported by the parent CA. dn: type: string nullable: true parentCaId: type: string format: uuid nullable: true serialNumber: type: string nullable: true activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string maxLength: 2048 format: uri maxItems: 4 description: Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is included by default unless disabled. disableManagedCrlDistributionPointUrl: type: boolean default: false description: When set to true, the Infisical-managed CRL endpoint URL will not be embedded in certificates issued by this CA. Only custom CRL Distribution Point URLs (if any) will be included. required: - type - keyAlgorithm additionalProperties: false required: - name - status - configuration additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - internal configuration: type: object properties: type: type: string enum: - root - intermediate description: The type of CA to create. friendlyName: type: string description: A friendly name for the CA. commonName: type: string default: '' description: The common name (CN) for the CA. organization: type: string default: '' description: The organization (O) for the CA. ou: type: string default: '' description: The organization unit (OU) for the CA. country: type: string default: '' description: The country name (C) for the CA. province: type: string default: '' description: The state of province name for the CA. locality: type: string default: '' description: The locality name for the CA. notBefore: type: string description: The date and time when the CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 nullable: true description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s description: The type of public key algorithm and size, in bits, of the key pair for the CA; when you create an intermediate CA, you must use a key algorithm supported by the parent CA. dn: type: string nullable: true parentCaId: type: string format: uuid nullable: true serialNumber: type: string nullable: true activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string maxLength: 2048 format: uri maxItems: 4 description: Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is included by default unless disabled. disableManagedCrlDistributionPointUrl: type: boolean default: false description: When set to true, the Infisical-managed CRL endpoint URL will not be embedded in certificates issued by this CA. Only custom CRL Distribution Point URLs (if any) will be included. required: - type - keyAlgorithm additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/internal/{id}: get: operationId: getInternalCertificateAuthorityV1 tags: - PKI Certificate Authorities parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - internal configuration: type: object properties: type: type: string enum: - root - intermediate description: The type of CA to create. friendlyName: type: string description: A friendly name for the CA. commonName: type: string default: '' description: The common name (CN) for the CA. organization: type: string default: '' description: The organization (O) for the CA. ou: type: string default: '' description: The organization unit (OU) for the CA. country: type: string default: '' description: The country name (C) for the CA. province: type: string default: '' description: The state of province name for the CA. locality: type: string default: '' description: The locality name for the CA. notBefore: type: string description: The date and time when the CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 nullable: true description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s description: The type of public key algorithm and size, in bits, of the key pair for the CA; when you create an intermediate CA, you must use a key algorithm supported by the parent CA. dn: type: string nullable: true parentCaId: type: string format: uuid nullable: true serialNumber: type: string nullable: true activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string maxLength: 2048 format: uri maxItems: 4 description: Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is included by default unless disabled. disableManagedCrlDistributionPointUrl: type: boolean default: false description: When set to true, the Infisical-managed CRL endpoint URL will not be embedded in certificates issued by this CA. Only custom CRL Distribution Point URLs (if any) will be included. required: - type - keyAlgorithm additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateInternalCertificateAuthorityV1 tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Internal Certificate Authority. Must be slug-friendly. status: type: string enum: - active - disabled - pending-certificate description: The updated status of the Internal Certificate Authority. configuration: type: object properties: crlDistributionPointUrls: type: array items: type: string maxLength: 2048 format: uri maxItems: 4 description: Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is included by default unless disabled. disableManagedCrlDistributionPointUrl: type: boolean description: When set to true, the Infisical-managed CRL endpoint URL will not be embedded in certificates issued by this CA. Only custom CRL Distribution Point URLs (if any) will be included. additionalProperties: false additionalProperties: false parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - internal configuration: type: object properties: type: type: string enum: - root - intermediate description: The type of CA to create. friendlyName: type: string description: A friendly name for the CA. commonName: type: string default: '' description: The common name (CN) for the CA. organization: type: string default: '' description: The organization (O) for the CA. ou: type: string default: '' description: The organization unit (OU) for the CA. country: type: string default: '' description: The country name (C) for the CA. province: type: string default: '' description: The state of province name for the CA. locality: type: string default: '' description: The locality name for the CA. notBefore: type: string description: The date and time when the CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 nullable: true description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s description: The type of public key algorithm and size, in bits, of the key pair for the CA; when you create an intermediate CA, you must use a key algorithm supported by the parent CA. dn: type: string nullable: true parentCaId: type: string format: uuid nullable: true serialNumber: type: string nullable: true activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string maxLength: 2048 format: uri maxItems: 4 description: Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is included by default unless disabled. disableManagedCrlDistributionPointUrl: type: boolean default: false description: When set to true, the Infisical-managed CRL endpoint URL will not be embedded in certificates issued by this CA. Only custom CRL Distribution Point URLs (if any) will be included. required: - type - keyAlgorithm additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteInternalCertificateAuthorityV1 tags: - PKI Certificate Authorities parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - internal configuration: type: object properties: type: type: string enum: - root - intermediate description: The type of CA to create. friendlyName: type: string description: A friendly name for the CA. commonName: type: string default: '' description: The common name (CN) for the CA. organization: type: string default: '' description: The organization (O) for the CA. ou: type: string default: '' description: The organization unit (OU) for the CA. country: type: string default: '' description: The country name (C) for the CA. province: type: string default: '' description: The state of province name for the CA. locality: type: string default: '' description: The locality name for the CA. notBefore: type: string description: The date and time when the CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 nullable: true description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s description: The type of public key algorithm and size, in bits, of the key pair for the CA; when you create an intermediate CA, you must use a key algorithm supported by the parent CA. dn: type: string nullable: true parentCaId: type: string format: uuid nullable: true serialNumber: type: string nullable: true activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string maxLength: 2048 format: uri maxItems: 4 description: Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is included by default unless disabled. disableManagedCrlDistributionPointUrl: type: boolean default: false description: When set to true, the Infisical-managed CRL endpoint URL will not be embedded in certificates issued by this CA. Only custom CRL Distribution Point URLs (if any) will be included. required: - type - keyAlgorithm additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/internal/{caId}/csr: get: operationId: getCaCsr tags: - PKI Certificate Authorities description: Get CA CSR parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to generate CSR from. responses: '200': description: Default Response content: application/json: schema: type: object properties: csr: type: string description: The generated CSR from the CA. required: - csr additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/internal/{caId}/renew: post: operationId: renewCaCertificate tags: - PKI Certificate Authorities description: Perform CA certificate renewal requestBody: required: true content: application/json: schema: type: object properties: type: type: string enum: - existing description: The type of behavior to use for the renewal operation. Currently Infisical is only able to renew a CA certificate with the same key pair. notAfter: type: string description: The expiry date and time for the renewed CA certificate in YYYY-MM-DDTHH:mm:ss.sssZ format. required: - type - notAfter additionalProperties: false parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to renew the CA certificate for. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The renewed CA certificate body. certificateChain: type: string description: The certificate chain of the CA. serialNumber: type: string description: The serial number of the renewed CA certificate. certId: type: string description: Certificate ID required: - certificate - certificateChain - serialNumber - certId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/internal/{caId}/certificate: post: tags: - PKI Certificate Authorities description: Generate certificate for a Certificate Authority requestBody: required: true content: application/json: schema: type: object properties: notBefore: type: string description: The date and time when the CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 default: -1 description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. parentCaId: type: string description: Parent CA ID for intermediate certificate generation required: - notBefore - notAfter additionalProperties: false parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to generate a certificate for. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The generated CA certificate. certificateChain: type: string description: The certificate chain of the CA. serialNumber: type: string description: The serial number of the CA certificate. certId: type: string description: Certificate ID required: - certificate - certificateChain - serialNumber - certId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getCaCertificate tags: - PKI Certificate Authorities description: Get current CA cert and cert chain of a CA parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to get the certificate body and certificate chain from. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The certificate body of the CA. certificateChain: type: string description: The certificate chain of the CA. serialNumber: type: string description: The serial number of the CA certificate. certId: type: string description: Certificate ID required: - certificate - certificateChain - serialNumber - certId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/internal/{caId}/ca-certificates: get: operationId: getCaCertificates tags: - PKI Certificate Authorities description: Get list of past and current CA certificates for a CA parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to get the CA certificates for. responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: certificate: type: string description: The certificate body of the CA certificate. certificateChain: type: string description: The certificate chain of the CA certificate. serialNumber: type: string description: The serial number of the CA certificate. certId: type: string description: Certificate ID version: type: number description: The version of the CA certificate. The version is incremented for each CA renewal operation. required: - certificate - certificateChain - serialNumber - certId - version additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/internal/{caId}/certificate/{certId}: get: tags: - PKI Certificate Authorities description: Get a specific CA certificate by ID parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to get the certificate body and certificate chain from. - schema: type: string in: path name: certId required: true description: Certificate ID to retrieve responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The certificate body of the CA. certificateChain: type: string description: The certificate chain of the CA. serialNumber: type: string description: The serial number of the CA certificate. certId: type: string description: Certificate ID notBefore: type: string notAfter: type: string maxPathLength: type: number parentCaId: type: string format: uuid required: - certificate - certificateChain - serialNumber - certId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/internal/{caId}/sign-intermediate: post: operationId: signIntermediateCa tags: - PKI Certificate Authorities description: Create intermediate CA certificate from parent CA requestBody: required: true content: application/json: schema: type: object properties: csr: type: string minLength: 1 description: The pem-encoded CSR to sign with the CA. notBefore: type: string description: The date and time when the intermediate CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the intermediate CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 default: -1 description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. required: - csr - notAfter additionalProperties: false parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to sign the intermediate certificate with. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The signed intermediate certificate. certificateChain: type: string description: The certificate chain of the intermediate certificate. issuingCaCertificate: type: string description: The certificate of the issuing CA. serialNumber: type: string description: The serial number of the intermediate certificate. required: - certificate - certificateChain - issuingCaCertificate - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/internal/{caId}/import-certificate: post: operationId: importCaCertificate tags: - PKI Certificate Authorities description: Import certificate and chain to CA requestBody: required: true content: application/json: schema: type: object properties: certificate: type: string description: The certificate body to import. certificateChain: type: string description: The certificate chain to import. required: - certificate - certificateChain additionalProperties: false parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to import the certificate for. responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string caId: type: string required: - message - caId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/internal/{caId}/crls: get: operationId: getCaCrls tags: - PKI Certificate Authorities description: Get list of CRLs of the CA parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to get the certificate revocation lists (CRLs) for. responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: id: type: string description: The ID of certificate revocation list (CRL). crl: type: string description: The certificate revocation list (CRL). required: - id - crl additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/internal/{caId}/certificates/{caCertId}/der: get: operationId: getCaCertificateDer tags: - PKI Certificate Authorities description: Get DER-encoded certificate of CA parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to get the CA certificate from. - schema: type: string in: path name: caCertId required: true description: The ID of the CA certificate to get. responses: '200': description: Default Response content: application/json: schema: {} '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/internal/{caId}/install-certificate-venafi: post: operationId: installCaCertificateVenafi tags: - PKI Certificate Authorities description: Install a CA certificate via Venafi TLS Protect Cloud requestBody: required: true content: application/json: schema: type: object properties: maxPathLength: type: number minimum: -1 default: -1 additionalProperties: false parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to install the certificate for via Venafi. responses: '202': description: Default Response content: application/json: schema: type: object properties: message: type: string caId: type: string required: - message - caId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/internal/{caId}/install-certificate-adcs: post: operationId: installCaCertificateAdcs tags: - PKI Certificate Authorities description: Install a CA certificate via Azure AD CS requestBody: required: true content: application/json: schema: type: object properties: maxPathLength: type: number minimum: -1 default: -1 additionalProperties: false parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to install the certificate for via Azure AD CS. responses: '202': description: Default Response content: application/json: schema: type: object properties: message: type: string caId: type: string required: - message - caId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/internal/{caId}/signing-config: post: operationId: createCaSigningConfig tags: - PKI Certificate Authorities description: Create a signing configuration for a CA requestBody: required: true content: application/json: schema: anyOf: - type: object properties: type: type: string enum: - internal parentCaId: type: string format: uuid required: - type additionalProperties: false - type: object properties: type: type: string enum: - manual required: - type additionalProperties: false - type: object properties: type: type: string enum: - venafi appConnectionId: type: string format: uuid destinationConfig: type: object properties: applicationId: type: string format: uuid issuingTemplateId: type: string format: uuid validityPeriod: type: integer exclusiveMinimum: true minimum: 0 required: - applicationId - issuingTemplateId additionalProperties: false required: - type - appConnectionId - destinationConfig additionalProperties: false - type: object properties: type: type: string enum: - azure-ad-cs appConnectionId: type: string format: uuid destinationConfig: type: object properties: template: type: string minLength: 1 validityPeriod: type: integer exclusiveMinimum: true minimum: 0 required: - template additionalProperties: false required: - type - appConnectionId - destinationConfig additionalProperties: false parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to create a signing configuration for. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid caId: type: string format: uuid type: type: string parentCaId: type: string format: uuid nullable: true appConnectionId: type: string format: uuid nullable: true destinationConfig: nullable: true lastExternalCertificateId: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - caId - type - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getCaSigningConfig tags: - PKI Certificate Authorities description: Get the signing configuration for a CA parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to get the signing configuration for. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid caId: type: string format: uuid type: type: string parentCaId: type: string format: uuid nullable: true appConnectionId: type: string format: uuid nullable: true destinationConfig: nullable: true lastExternalCertificateId: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - caId - type - createdAt - updatedAt additionalProperties: false nullable: true '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateCaSigningConfig tags: - PKI Certificate Authorities description: Update the signing configuration for a CA requestBody: required: true content: application/json: schema: type: object properties: parentCaId: type: string format: uuid appConnectionId: type: string format: uuid destinationConfig: anyOf: - type: object properties: applicationId: type: string format: uuid issuingTemplateId: type: string format: uuid validityPeriod: type: integer exclusiveMinimum: true minimum: 0 required: - applicationId - issuingTemplateId additionalProperties: false - type: object properties: template: type: string minLength: 1 validityPeriod: type: integer exclusiveMinimum: true minimum: 0 required: - template additionalProperties: false additionalProperties: false parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to update the signing configuration for. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid caId: type: string format: uuid type: type: string parentCaId: type: string format: uuid nullable: true appConnectionId: type: string format: uuid nullable: true destinationConfig: nullable: true lastExternalCertificateId: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - caId - type - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/internal/{caId}/auto-renewal: get: operationId: getCaAutoRenewalConfig tags: - PKI Certificate Authorities description: Get auto-renewal configuration for a CA parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to get the auto-renewal configuration for. responses: '200': description: Default Response content: application/json: schema: type: object properties: autoRenewalEnabled: type: boolean autoRenewalDaysBeforeExpiry: type: number nullable: true lastRenewalStatus: type: string nullable: true lastRenewalMessage: type: string nullable: true lastRenewalAt: type: string format: date-time nullable: true required: - autoRenewalEnabled - autoRenewalDaysBeforeExpiry - lastRenewalStatus - lastRenewalMessage - lastRenewalAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateCaAutoRenewalConfig tags: - PKI Certificate Authorities description: Update auto-renewal configuration for a CA requestBody: required: true content: application/json: schema: type: object properties: autoRenewalEnabled: type: boolean autoRenewalDaysBeforeExpiry: type: number minimum: 1 maximum: 365 additionalProperties: false parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to update the auto-renewal configuration for. responses: '200': description: Default Response content: application/json: schema: type: object properties: autoRenewalEnabled: type: boolean autoRenewalDaysBeforeExpiry: type: number nullable: true lastRenewalStatus: type: string nullable: true lastRenewalMessage: type: string nullable: true lastRenewalAt: type: string format: date-time nullable: true required: - autoRenewalEnabled - autoRenewalDaysBeforeExpiry - lastRenewalStatus - lastRenewalMessage - lastRenewalAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/acme: get: operationId: listAcmeCertificateAuthoritiesV1 tags: - PKI Certificate Authorities responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - acme configuration: type: object properties: dnsAppConnectionId: type: string format: uuid description: The ID of the App Connection to use for creating and managing DNS TXT records required for ACME domain validation. This connection must have permissions to create and delete TXT records in your DNS provider (e.g., Route53) for the ACME challenge process. dnsProviderConfig: type: object properties: provider: type: string enum: - route53 - cloudflare - dns-made-easy - azure-dns description: The DNS provider for the ACME Certificate Authority. hostedZoneId: type: string minLength: 1 description: The hosted zone ID for the ACME Certificate Authority. required: - provider - hostedZoneId additionalProperties: false directoryUrl: type: string format: uri minLength: 1 description: The directory URL for the ACME Certificate Authority. accountEmail: type: string minLength: 1 description: The email address for the ACME Certificate Authority. eabKid: type: string maxLength: 64 description: The External Account Binding (EAB) Key ID for the ACME Certificate Authority. Required if the ACME provider uses EAB. dnsResolver: type: string anyOf: - format: ipv4 - format: ipv6 description: An optional custom DNS resolver IP address to use for verifying DNS propagation during ACME challenges. Must be a valid IP address (e.g. 8.8.8.8). When not set, the system default DNS resolver is used. required: - dnsAppConnectionId - dnsProviderConfig - directoryUrl - accountEmail additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAcmeCertificateAuthorityV1 tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the ACME-compatible CA Certificate Authority to create. Must be slug-friendly. status: type: string enum: - active - disabled - pending-certificate description: The status of the ACME-compatible CA Certificate Authority. configuration: type: object properties: dnsAppConnectionId: type: string format: uuid description: The ID of the App Connection to use for creating and managing DNS TXT records required for ACME domain validation. This connection must have permissions to create and delete TXT records in your DNS provider (e.g., Route53) for the ACME challenge process. dnsProviderConfig: type: object properties: provider: type: string enum: - route53 - cloudflare - dns-made-easy - azure-dns description: The DNS provider for the ACME Certificate Authority. hostedZoneId: type: string minLength: 1 description: The hosted zone ID for the ACME Certificate Authority. required: - provider - hostedZoneId additionalProperties: false directoryUrl: type: string format: uri minLength: 1 description: The directory URL for the ACME Certificate Authority. accountEmail: type: string minLength: 1 description: The email address for the ACME Certificate Authority. eabKid: type: string maxLength: 64 description: The External Account Binding (EAB) Key ID for the ACME Certificate Authority. Required if the ACME provider uses EAB. eabHmacKey: type: string maxLength: 512 description: The External Account Binding (EAB) HMAC key for the ACME Certificate Authority. Required if the ACME provider uses EAB. dnsResolver: type: string anyOf: - format: ipv4 - format: ipv6 description: An optional custom DNS resolver IP address to use for verifying DNS propagation during ACME challenges. Must be a valid IP address (e.g. 8.8.8.8). When not set, the system default DNS resolver is used. required: - dnsAppConnectionId - dnsProviderConfig - directoryUrl - accountEmail additionalProperties: false required: - name - status - configuration additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - acme configuration: type: object properties: dnsAppConnectionId: type: string format: uuid description: The ID of the App Connection to use for creating and managing DNS TXT records required for ACME domain validation. This connection must have permissions to create and delete TXT records in your DNS provider (e.g., Route53) for the ACME challenge process. dnsProviderConfig: type: object properties: provider: type: string enum: - route53 - cloudflare - dns-made-easy - azure-dns description: The DNS provider for the ACME Certificate Authority. hostedZoneId: type: string minLength: 1 description: The hosted zone ID for the ACME Certificate Authority. required: - provider - hostedZoneId additionalProperties: false directoryUrl: type: string format: uri minLength: 1 description: The directory URL for the ACME Certificate Authority. accountEmail: type: string minLength: 1 description: The email address for the ACME Certificate Authority. eabKid: type: string maxLength: 64 description: The External Account Binding (EAB) Key ID for the ACME Certificate Authority. Required if the ACME provider uses EAB. dnsResolver: type: string anyOf: - format: ipv4 - format: ipv6 description: An optional custom DNS resolver IP address to use for verifying DNS propagation during ACME challenges. Must be a valid IP address (e.g. 8.8.8.8). When not set, the system default DNS resolver is used. required: - dnsAppConnectionId - dnsProviderConfig - directoryUrl - accountEmail additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/acme/{id}: get: operationId: getAcmeCertificateAuthorityV1 tags: - PKI Certificate Authorities parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - acme configuration: type: object properties: dnsAppConnectionId: type: string format: uuid description: The ID of the App Connection to use for creating and managing DNS TXT records required for ACME domain validation. This connection must have permissions to create and delete TXT records in your DNS provider (e.g., Route53) for the ACME challenge process. dnsProviderConfig: type: object properties: provider: type: string enum: - route53 - cloudflare - dns-made-easy - azure-dns description: The DNS provider for the ACME Certificate Authority. hostedZoneId: type: string minLength: 1 description: The hosted zone ID for the ACME Certificate Authority. required: - provider - hostedZoneId additionalProperties: false directoryUrl: type: string format: uri minLength: 1 description: The directory URL for the ACME Certificate Authority. accountEmail: type: string minLength: 1 description: The email address for the ACME Certificate Authority. eabKid: type: string maxLength: 64 description: The External Account Binding (EAB) Key ID for the ACME Certificate Authority. Required if the ACME provider uses EAB. dnsResolver: type: string anyOf: - format: ipv4 - format: ipv6 description: An optional custom DNS resolver IP address to use for verifying DNS propagation during ACME challenges. Must be a valid IP address (e.g. 8.8.8.8). When not set, the system default DNS resolver is used. required: - dnsAppConnectionId - dnsProviderConfig - directoryUrl - accountEmail additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAcmeCertificateAuthorityV1 tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the ACME-compatible CA Certificate Authority. Must be slug-friendly. status: type: string enum: - active - disabled - pending-certificate description: The updated status of the ACME-compatible CA Certificate Authority. configuration: type: object properties: dnsAppConnectionId: type: string format: uuid description: The ID of the App Connection to use for creating and managing DNS TXT records required for ACME domain validation. This connection must have permissions to create and delete TXT records in your DNS provider (e.g., Route53) for the ACME challenge process. dnsProviderConfig: type: object properties: provider: type: string enum: - route53 - cloudflare - dns-made-easy - azure-dns description: The DNS provider for the ACME Certificate Authority. hostedZoneId: type: string minLength: 1 description: The hosted zone ID for the ACME Certificate Authority. required: - provider - hostedZoneId additionalProperties: false directoryUrl: type: string format: uri minLength: 1 description: The directory URL for the ACME Certificate Authority. accountEmail: type: string minLength: 1 description: The email address for the ACME Certificate Authority. eabKid: type: string maxLength: 64 description: The External Account Binding (EAB) Key ID for the ACME Certificate Authority. Required if the ACME provider uses EAB. eabHmacKey: type: string maxLength: 512 description: The External Account Binding (EAB) HMAC key for the ACME Certificate Authority. Required if the ACME provider uses EAB. dnsResolver: type: string anyOf: - format: ipv4 - format: ipv6 description: An optional custom DNS resolver IP address to use for verifying DNS propagation during ACME challenges. Must be a valid IP address (e.g. 8.8.8.8). When not set, the system default DNS resolver is used. required: - dnsAppConnectionId - dnsProviderConfig - directoryUrl - accountEmail additionalProperties: false additionalProperties: false parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - acme configuration: type: object properties: dnsAppConnectionId: type: string format: uuid description: The ID of the App Connection to use for creating and managing DNS TXT records required for ACME domain validation. This connection must have permissions to create and delete TXT records in your DNS provider (e.g., Route53) for the ACME challenge process. dnsProviderConfig: type: object properties: provider: type: string enum: - route53 - cloudflare - dns-made-easy - azure-dns description: The DNS provider for the ACME Certificate Authority. hostedZoneId: type: string minLength: 1 description: The hosted zone ID for the ACME Certificate Authority. required: - provider - hostedZoneId additionalProperties: false directoryUrl: type: string format: uri minLength: 1 description: The directory URL for the ACME Certificate Authority. accountEmail: type: string minLength: 1 description: The email address for the ACME Certificate Authority. eabKid: type: string maxLength: 64 description: The External Account Binding (EAB) Key ID for the ACME Certificate Authority. Required if the ACME provider uses EAB. dnsResolver: type: string anyOf: - format: ipv4 - format: ipv6 description: An optional custom DNS resolver IP address to use for verifying DNS propagation during ACME challenges. Must be a valid IP address (e.g. 8.8.8.8). When not set, the system default DNS resolver is used. required: - dnsAppConnectionId - dnsProviderConfig - directoryUrl - accountEmail additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAcmeCertificateAuthorityV1 tags: - PKI Certificate Authorities parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - acme configuration: type: object properties: dnsAppConnectionId: type: string format: uuid description: The ID of the App Connection to use for creating and managing DNS TXT records required for ACME domain validation. This connection must have permissions to create and delete TXT records in your DNS provider (e.g., Route53) for the ACME challenge process. dnsProviderConfig: type: object properties: provider: type: string enum: - route53 - cloudflare - dns-made-easy - azure-dns description: The DNS provider for the ACME Certificate Authority. hostedZoneId: type: string minLength: 1 description: The hosted zone ID for the ACME Certificate Authority. required: - provider - hostedZoneId additionalProperties: false directoryUrl: type: string format: uri minLength: 1 description: The directory URL for the ACME Certificate Authority. accountEmail: type: string minLength: 1 description: The email address for the ACME Certificate Authority. eabKid: type: string maxLength: 64 description: The External Account Binding (EAB) Key ID for the ACME Certificate Authority. Required if the ACME provider uses EAB. dnsResolver: type: string anyOf: - format: ipv4 - format: ipv6 description: An optional custom DNS resolver IP address to use for verifying DNS propagation during ACME challenges. Must be a valid IP address (e.g. 8.8.8.8). When not set, the system default DNS resolver is used. required: - dnsAppConnectionId - dnsProviderConfig - directoryUrl - accountEmail additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/azure-ad-cs: get: operationId: listAzureAdCsCertificateAuthoritiesV1 tags: - PKI Certificate Authorities responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - azure-ad-cs configuration: type: object properties: azureAdcsConnectionId: type: string format: uuid description: Azure ADCS Connection ID required: - azureAdcsConnectionId additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAzureAdCsCertificateAuthorityV1 tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Active Directory Certificate Service Certificate Authority to create. Must be slug-friendly. status: type: string enum: - active - disabled - pending-certificate description: The status of the Active Directory Certificate Service Certificate Authority. configuration: type: object properties: azureAdcsConnectionId: type: string format: uuid description: Azure ADCS Connection ID required: - azureAdcsConnectionId additionalProperties: false required: - name - status - configuration additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - azure-ad-cs configuration: type: object properties: azureAdcsConnectionId: type: string format: uuid description: Azure ADCS Connection ID required: - azureAdcsConnectionId additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/azure-ad-cs/{id}: get: operationId: getAzureAdCsCertificateAuthorityV1 tags: - PKI Certificate Authorities parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - azure-ad-cs configuration: type: object properties: azureAdcsConnectionId: type: string format: uuid description: Azure ADCS Connection ID required: - azureAdcsConnectionId additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAzureAdCsCertificateAuthorityV1 tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Active Directory Certificate Service Certificate Authority. Must be slug-friendly. status: type: string enum: - active - disabled - pending-certificate description: The updated status of the Active Directory Certificate Service Certificate Authority. configuration: type: object properties: azureAdcsConnectionId: type: string format: uuid description: Azure ADCS Connection ID required: - azureAdcsConnectionId additionalProperties: false additionalProperties: false parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - azure-ad-cs configuration: type: object properties: azureAdcsConnectionId: type: string format: uuid description: Azure ADCS Connection ID required: - azureAdcsConnectionId additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAzureAdCsCertificateAuthorityV1 tags: - PKI Certificate Authorities parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - azure-ad-cs configuration: type: object properties: azureAdcsConnectionId: type: string format: uuid description: Azure ADCS Connection ID required: - azureAdcsConnectionId additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/azure-ad-cs/{caId}/templates: get: operationId: getAzureAdcsTemplates description: Get available certificate templates from Azure AD CS CA parameters: - schema: type: string in: path name: caId required: true description: Azure AD CS CA ID responses: '200': description: Default Response content: application/json: schema: type: object properties: templates: type: array items: type: object properties: id: type: string description: Template identifier name: type: string description: Template display name description: type: string description: Template description required: - id - name additionalProperties: false required: - templates additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/aws-pca: get: operationId: listAwsPcaCertificateAuthoritiesV1 tags: - PKI Certificate Authorities responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - aws-pca configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Private Certificate Authority (PCA). This connection must have permissions to issue, get, and revoke certificates from the specified PCA. certificateAuthorityArn: type: string minLength: 1 description: The ARN of the AWS Private Certificate Authority to use for issuing certificates. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region where the Private Certificate Authority is located. required: - appConnectionId - certificateAuthorityArn - region additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAwsPcaCertificateAuthorityV1 tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the AWS Private Certificate Authority Certificate Authority to create. Must be slug-friendly. status: type: string enum: - active - disabled - pending-certificate description: The status of the AWS Private Certificate Authority Certificate Authority. configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Private Certificate Authority (PCA). This connection must have permissions to issue, get, and revoke certificates from the specified PCA. certificateAuthorityArn: type: string minLength: 1 description: The ARN of the AWS Private Certificate Authority to use for issuing certificates. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region where the Private Certificate Authority is located. required: - appConnectionId - certificateAuthorityArn - region additionalProperties: false required: - name - status - configuration additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - aws-pca configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Private Certificate Authority (PCA). This connection must have permissions to issue, get, and revoke certificates from the specified PCA. certificateAuthorityArn: type: string minLength: 1 description: The ARN of the AWS Private Certificate Authority to use for issuing certificates. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region where the Private Certificate Authority is located. required: - appConnectionId - certificateAuthorityArn - region additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/aws-pca/{id}: get: operationId: getAwsPcaCertificateAuthorityV1 tags: - PKI Certificate Authorities parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - aws-pca configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Private Certificate Authority (PCA). This connection must have permissions to issue, get, and revoke certificates from the specified PCA. certificateAuthorityArn: type: string minLength: 1 description: The ARN of the AWS Private Certificate Authority to use for issuing certificates. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region where the Private Certificate Authority is located. required: - appConnectionId - certificateAuthorityArn - region additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAwsPcaCertificateAuthorityV1 tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the AWS Private Certificate Authority Certificate Authority. Must be slug-friendly. status: type: string enum: - active - disabled - pending-certificate description: The updated status of the AWS Private Certificate Authority Certificate Authority. configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Private Certificate Authority (PCA). This connection must have permissions to issue, get, and revoke certificates from the specified PCA. certificateAuthorityArn: type: string minLength: 1 description: The ARN of the AWS Private Certificate Authority to use for issuing certificates. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region where the Private Certificate Authority is located. required: - appConnectionId - certificateAuthorityArn - region additionalProperties: false additionalProperties: false parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - aws-pca configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Private Certificate Authority (PCA). This connection must have permissions to issue, get, and revoke certificates from the specified PCA. certificateAuthorityArn: type: string minLength: 1 description: The ARN of the AWS Private Certificate Authority to use for issuing certificates. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region where the Private Certificate Authority is located. required: - appConnectionId - certificateAuthorityArn - region additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAwsPcaCertificateAuthorityV1 tags: - PKI Certificate Authorities parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - aws-pca configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Private Certificate Authority (PCA). This connection must have permissions to issue, get, and revoke certificates from the specified PCA. certificateAuthorityArn: type: string minLength: 1 description: The ARN of the AWS Private Certificate Authority to use for issuing certificates. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region where the Private Certificate Authority is located. required: - appConnectionId - certificateAuthorityArn - region additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/digicert: get: operationId: listDigicertCertificateAuthoritiesV1 tags: - PKI Certificate Authorities responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - digicert configuration: type: object properties: appConnectionId: type: string format: uuid description: DigiCert App Connection ID organizationId: type: integer exclusiveMinimum: true minimum: 0 description: CertCentral Organization ID that will be listed on issued certificates productNameId: type: string minLength: 1 description: The DigiCert product name_id used for issuance (e.g. ssl_plus, ssl_ev_plus). Fetch available products from GET /app-connections/digicert/:id/products. required: - appConnectionId - organizationId - productNameId additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createDigicertCertificateAuthorityV1 tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the DigiCert Certificate Authority to create. Must be slug-friendly. status: type: string enum: - active - disabled - pending-certificate description: The status of the DigiCert Certificate Authority. configuration: type: object properties: appConnectionId: type: string format: uuid description: DigiCert App Connection ID organizationId: type: integer exclusiveMinimum: true minimum: 0 description: CertCentral Organization ID that will be listed on issued certificates productNameId: type: string minLength: 1 description: The DigiCert product name_id used for issuance (e.g. ssl_plus, ssl_ev_plus). Fetch available products from GET /app-connections/digicert/:id/products. required: - appConnectionId - organizationId - productNameId additionalProperties: false required: - name - status - configuration additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - digicert configuration: type: object properties: appConnectionId: type: string format: uuid description: DigiCert App Connection ID organizationId: type: integer exclusiveMinimum: true minimum: 0 description: CertCentral Organization ID that will be listed on issued certificates productNameId: type: string minLength: 1 description: The DigiCert product name_id used for issuance (e.g. ssl_plus, ssl_ev_plus). Fetch available products from GET /app-connections/digicert/:id/products. required: - appConnectionId - organizationId - productNameId additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/digicert/{id}: get: operationId: getDigicertCertificateAuthorityV1 tags: - PKI Certificate Authorities parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - digicert configuration: type: object properties: appConnectionId: type: string format: uuid description: DigiCert App Connection ID organizationId: type: integer exclusiveMinimum: true minimum: 0 description: CertCentral Organization ID that will be listed on issued certificates productNameId: type: string minLength: 1 description: The DigiCert product name_id used for issuance (e.g. ssl_plus, ssl_ev_plus). Fetch available products from GET /app-connections/digicert/:id/products. required: - appConnectionId - organizationId - productNameId additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateDigicertCertificateAuthorityV1 tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the DigiCert Certificate Authority. Must be slug-friendly. status: type: string enum: - active - disabled - pending-certificate description: The updated status of the DigiCert Certificate Authority. configuration: type: object properties: appConnectionId: type: string format: uuid description: DigiCert App Connection ID organizationId: type: integer exclusiveMinimum: true minimum: 0 description: CertCentral Organization ID that will be listed on issued certificates productNameId: type: string minLength: 1 description: The DigiCert product name_id used for issuance (e.g. ssl_plus, ssl_ev_plus). Fetch available products from GET /app-connections/digicert/:id/products. required: - appConnectionId - organizationId - productNameId additionalProperties: false additionalProperties: false parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - digicert configuration: type: object properties: appConnectionId: type: string format: uuid description: DigiCert App Connection ID organizationId: type: integer exclusiveMinimum: true minimum: 0 description: CertCentral Organization ID that will be listed on issued certificates productNameId: type: string minLength: 1 description: The DigiCert product name_id used for issuance (e.g. ssl_plus, ssl_ev_plus). Fetch available products from GET /app-connections/digicert/:id/products. required: - appConnectionId - organizationId - productNameId additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteDigicertCertificateAuthorityV1 tags: - PKI Certificate Authorities parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - digicert configuration: type: object properties: appConnectionId: type: string format: uuid description: DigiCert App Connection ID organizationId: type: integer exclusiveMinimum: true minimum: 0 description: CertCentral Organization ID that will be listed on issued certificates productNameId: type: string minLength: 1 description: The DigiCert product name_id used for issuance (e.g. ssl_plus, ssl_ev_plus). Fetch available products from GET /app-connections/digicert/:id/products. required: - appConnectionId - organizationId - productNameId additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/godaddy: get: operationId: listGodaddyCertificateAuthoritiesV1 tags: - PKI Certificate Authorities responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - godaddy configuration: type: object properties: appConnectionId: type: string format: uuid description: GoDaddy App Connection ID productType: type: string enum: - DV_SSL description: The GoDaddy DV product used for issuance (DV_SSL for a single domain) required: - appConnectionId - productType additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createGodaddyCertificateAuthorityV1 tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the GoDaddy Certificate Authority to create. Must be slug-friendly. status: type: string enum: - active - disabled - pending-certificate description: The status of the GoDaddy Certificate Authority. configuration: type: object properties: appConnectionId: type: string format: uuid description: GoDaddy App Connection ID productType: type: string enum: - DV_SSL description: The GoDaddy DV product used for issuance (DV_SSL for a single domain) required: - appConnectionId - productType additionalProperties: false required: - name - status - configuration additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - godaddy configuration: type: object properties: appConnectionId: type: string format: uuid description: GoDaddy App Connection ID productType: type: string enum: - DV_SSL description: The GoDaddy DV product used for issuance (DV_SSL for a single domain) required: - appConnectionId - productType additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/godaddy/{id}: get: operationId: getGodaddyCertificateAuthorityV1 tags: - PKI Certificate Authorities parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - godaddy configuration: type: object properties: appConnectionId: type: string format: uuid description: GoDaddy App Connection ID productType: type: string enum: - DV_SSL description: The GoDaddy DV product used for issuance (DV_SSL for a single domain) required: - appConnectionId - productType additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateGodaddyCertificateAuthorityV1 tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the GoDaddy Certificate Authority. Must be slug-friendly. status: type: string enum: - active - disabled - pending-certificate description: The updated status of the GoDaddy Certificate Authority. configuration: type: object properties: appConnectionId: type: string format: uuid description: GoDaddy App Connection ID productType: type: string enum: - DV_SSL description: The GoDaddy DV product used for issuance (DV_SSL for a single domain) required: - appConnectionId - productType additionalProperties: false additionalProperties: false parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - godaddy configuration: type: object properties: appConnectionId: type: string format: uuid description: GoDaddy App Connection ID productType: type: string enum: - DV_SSL description: The GoDaddy DV product used for issuance (DV_SSL for a single domain) required: - appConnectionId - productType additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteGodaddyCertificateAuthorityV1 tags: - PKI Certificate Authorities parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - godaddy configuration: type: object properties: appConnectionId: type: string format: uuid description: GoDaddy App Connection ID productType: type: string enum: - DV_SSL description: The GoDaddy DV product used for issuance (DV_SSL for a single domain) required: - appConnectionId - productType additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/aws-acm-public-ca: get: operationId: listAwsAcmPublicCaCertificateAuthoritiesV1 tags: - PKI Certificate Authorities responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - aws-acm-public-ca configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Certificate Manager (ACM). This connection must have permissions to request, describe, export, renew, and delete certificates. dnsAppConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for creating and managing Route 53 CNAME records required for ACM domain validation. hostedZoneId: type: string minLength: 1 description: The Route 53 hosted zone ID to use for ACM DNS validation CNAME records. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to use for the ACM API calls. required: - appConnectionId - dnsAppConnectionId - hostedZoneId - region additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAwsAcmPublicCaCertificateAuthorityV1 tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the AWS ACM Public CA Certificate Authority to create. Must be slug-friendly. status: type: string enum: - active - disabled - pending-certificate description: The status of the AWS ACM Public CA Certificate Authority. configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Certificate Manager (ACM). This connection must have permissions to request, describe, export, renew, and delete certificates. dnsAppConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for creating and managing Route 53 CNAME records required for ACM domain validation. hostedZoneId: type: string minLength: 1 description: The Route 53 hosted zone ID to use for ACM DNS validation CNAME records. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to use for the ACM API calls. required: - appConnectionId - dnsAppConnectionId - hostedZoneId - region additionalProperties: false required: - name - status - configuration additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - aws-acm-public-ca configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Certificate Manager (ACM). This connection must have permissions to request, describe, export, renew, and delete certificates. dnsAppConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for creating and managing Route 53 CNAME records required for ACM domain validation. hostedZoneId: type: string minLength: 1 description: The Route 53 hosted zone ID to use for ACM DNS validation CNAME records. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to use for the ACM API calls. required: - appConnectionId - dnsAppConnectionId - hostedZoneId - region additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/aws-acm-public-ca/{id}: get: operationId: getAwsAcmPublicCaCertificateAuthorityV1 tags: - PKI Certificate Authorities parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - aws-acm-public-ca configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Certificate Manager (ACM). This connection must have permissions to request, describe, export, renew, and delete certificates. dnsAppConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for creating and managing Route 53 CNAME records required for ACM domain validation. hostedZoneId: type: string minLength: 1 description: The Route 53 hosted zone ID to use for ACM DNS validation CNAME records. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to use for the ACM API calls. required: - appConnectionId - dnsAppConnectionId - hostedZoneId - region additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAwsAcmPublicCaCertificateAuthorityV1 tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the AWS ACM Public CA Certificate Authority. Must be slug-friendly. status: type: string enum: - active - disabled - pending-certificate description: The updated status of the AWS ACM Public CA Certificate Authority. configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Certificate Manager (ACM). This connection must have permissions to request, describe, export, renew, and delete certificates. dnsAppConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for creating and managing Route 53 CNAME records required for ACM domain validation. hostedZoneId: type: string minLength: 1 description: The Route 53 hosted zone ID to use for ACM DNS validation CNAME records. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to use for the ACM API calls. required: - appConnectionId - dnsAppConnectionId - hostedZoneId - region additionalProperties: false additionalProperties: false parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - aws-acm-public-ca configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Certificate Manager (ACM). This connection must have permissions to request, describe, export, renew, and delete certificates. dnsAppConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for creating and managing Route 53 CNAME records required for ACM domain validation. hostedZoneId: type: string minLength: 1 description: The Route 53 hosted zone ID to use for ACM DNS validation CNAME records. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to use for the ACM API calls. required: - appConnectionId - dnsAppConnectionId - hostedZoneId - region additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAwsAcmPublicCaCertificateAuthorityV1 tags: - PKI Certificate Authorities parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - aws-acm-public-ca configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Certificate Manager (ACM). This connection must have permissions to request, describe, export, renew, and delete certificates. dnsAppConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for creating and managing Route 53 CNAME records required for ACM domain validation. hostedZoneId: type: string minLength: 1 description: The Route 53 hosted zone ID to use for ACM DNS validation CNAME records. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to use for the ACM API calls. required: - appConnectionId - dnsAppConnectionId - hostedZoneId - region additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/venafi-tpp: get: operationId: listVenafiTppCertificateAuthoritiesV1 tags: - PKI Certificate Authorities responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - venafi-tpp configuration: type: object properties: appConnectionId: type: string format: uuid description: The Venafi TPP App Connection ID. policyDN: type: string minLength: 1 description: The policy folder DN in Venafi TPP (e.g., '\\VED\\Policy\\Certificates'). required: - appConnectionId - policyDN additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createVenafiTppCertificateAuthorityV1 tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Venafi Trust Protection Platform Certificate Authority to create. Must be slug-friendly. status: type: string enum: - active - disabled - pending-certificate description: The status of the Venafi Trust Protection Platform Certificate Authority. configuration: type: object properties: appConnectionId: type: string format: uuid description: The Venafi TPP App Connection ID. policyDN: type: string minLength: 1 description: The policy folder DN in Venafi TPP (e.g., '\\VED\\Policy\\Certificates'). required: - appConnectionId - policyDN additionalProperties: false required: - name - status - configuration additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - venafi-tpp configuration: type: object properties: appConnectionId: type: string format: uuid description: The Venafi TPP App Connection ID. policyDN: type: string minLength: 1 description: The policy folder DN in Venafi TPP (e.g., '\\VED\\Policy\\Certificates'). required: - appConnectionId - policyDN additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca/venafi-tpp/{id}: get: operationId: getVenafiTppCertificateAuthorityV1 tags: - PKI Certificate Authorities parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - venafi-tpp configuration: type: object properties: appConnectionId: type: string format: uuid description: The Venafi TPP App Connection ID. policyDN: type: string minLength: 1 description: The policy folder DN in Venafi TPP (e.g., '\\VED\\Policy\\Certificates'). required: - appConnectionId - policyDN additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateVenafiTppCertificateAuthorityV1 tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Venafi Trust Protection Platform Certificate Authority. Must be slug-friendly. status: type: string enum: - active - disabled - pending-certificate description: The updated status of the Venafi Trust Protection Platform Certificate Authority. configuration: type: object properties: appConnectionId: type: string format: uuid description: The Venafi TPP App Connection ID. policyDN: type: string minLength: 1 description: The policy folder DN in Venafi TPP (e.g., '\\VED\\Policy\\Certificates'). required: - appConnectionId - policyDN additionalProperties: false additionalProperties: false parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - venafi-tpp configuration: type: object properties: appConnectionId: type: string format: uuid description: The Venafi TPP App Connection ID. policyDN: type: string minLength: 1 description: The policy folder DN in Venafi TPP (e.g., '\\VED\\Policy\\Certificates'). required: - appConnectionId - policyDN additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteVenafiTppCertificateAuthorityV1 tags: - PKI Certificate Authorities parameters: - schema: type: string in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - venafi-tpp configuration: type: object properties: appConnectionId: type: string format: uuid description: The Venafi TPP App Connection ID. policyDN: type: string minLength: 1 description: The policy folder DN in Venafi TPP (e.g., '\\VED\\Policy\\Certificates'). required: - appConnectionId - policyDN additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/ca: get: operationId: listCertificateAuthoritiesV1General tags: - PKI Certificate Authorities description: Get Certificate Authorities responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateAuthorities: type: array items: anyOf: - type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - internal configuration: type: object properties: type: type: string enum: - root - intermediate description: The type of CA to create. friendlyName: type: string description: A friendly name for the CA. commonName: type: string default: '' description: The common name (CN) for the CA. organization: type: string default: '' description: The organization (O) for the CA. ou: type: string default: '' description: The organization unit (OU) for the CA. country: type: string default: '' description: The country name (C) for the CA. province: type: string default: '' description: The state of province name for the CA. locality: type: string default: '' description: The locality name for the CA. notBefore: type: string description: The date and time when the CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 nullable: true description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s description: The type of public key algorithm and size, in bits, of the key pair for the CA; when you create an intermediate CA, you must use a key algorithm supported by the parent CA. dn: type: string nullable: true parentCaId: type: string format: uuid nullable: true serialNumber: type: string nullable: true activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string maxLength: 2048 format: uri maxItems: 4 description: Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is included by default unless disabled. disableManagedCrlDistributionPointUrl: type: boolean default: false description: When set to true, the Infisical-managed CRL endpoint URL will not be embedded in certificates issued by this CA. Only custom CRL Distribution Point URLs (if any) will be included. required: - type - keyAlgorithm additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false - type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - acme configuration: type: object properties: dnsAppConnectionId: type: string format: uuid description: The ID of the App Connection to use for creating and managing DNS TXT records required for ACME domain validation. This connection must have permissions to create and delete TXT records in your DNS provider (e.g., Route53) for the ACME challenge process. dnsProviderConfig: type: object properties: provider: type: string enum: - route53 - cloudflare - dns-made-easy - azure-dns description: The DNS provider for the ACME Certificate Authority. hostedZoneId: type: string minLength: 1 description: The hosted zone ID for the ACME Certificate Authority. required: - provider - hostedZoneId additionalProperties: false directoryUrl: type: string format: uri minLength: 1 description: The directory URL for the ACME Certificate Authority. accountEmail: type: string minLength: 1 description: The email address for the ACME Certificate Authority. eabKid: type: string maxLength: 64 description: The External Account Binding (EAB) Key ID for the ACME Certificate Authority. Required if the ACME provider uses EAB. dnsResolver: type: string anyOf: - format: ipv4 - format: ipv6 description: An optional custom DNS resolver IP address to use for verifying DNS propagation during ACME challenges. Must be a valid IP address (e.g. 8.8.8.8). When not set, the system default DNS resolver is used. required: - dnsAppConnectionId - dnsProviderConfig - directoryUrl - accountEmail additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false - type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - azure-ad-cs configuration: type: object properties: azureAdcsConnectionId: type: string format: uuid description: Azure ADCS Connection ID required: - azureAdcsConnectionId additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false - type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - aws-pca configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Private Certificate Authority (PCA). This connection must have permissions to issue, get, and revoke certificates from the specified PCA. certificateAuthorityArn: type: string minLength: 1 description: The ARN of the AWS Private Certificate Authority to use for issuing certificates. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region where the Private Certificate Authority is located. required: - appConnectionId - certificateAuthorityArn - region additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false - type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - digicert configuration: type: object properties: appConnectionId: type: string format: uuid description: DigiCert App Connection ID organizationId: type: integer exclusiveMinimum: true minimum: 0 description: CertCentral Organization ID that will be listed on issued certificates productNameId: type: string minLength: 1 description: The DigiCert product name_id used for issuance (e.g. ssl_plus, ssl_ev_plus). Fetch available products from GET /app-connections/digicert/:id/products. required: - appConnectionId - organizationId - productNameId additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false - type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - godaddy configuration: type: object properties: appConnectionId: type: string format: uuid description: GoDaddy App Connection ID productType: type: string enum: - DV_SSL description: The GoDaddy DV product used for issuance (DV_SSL for a single domain) required: - appConnectionId - productType additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false - type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - aws-acm-public-ca configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Certificate Manager (ACM). This connection must have permissions to request, describe, export, renew, and delete certificates. dnsAppConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for creating and managing Route 53 CNAME records required for ACM domain validation. hostedZoneId: type: string minLength: 1 description: The Route 53 hosted zone ID to use for ACM DNS validation CNAME records. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to use for the ACM API calls. required: - appConnectionId - dnsAppConnectionId - hostedZoneId - region additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false - type: object properties: enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - venafi-tpp configuration: type: object properties: appConnectionId: type: string format: uuid description: The Venafi TPP App Connection ID. policyDN: type: string minLength: 1 description: The policy folder DN in Venafi TPP (e.g., '\\VED\\Policy\\Certificates'). required: - appConnectionId - policyDN additionalProperties: false required: - name - id - status - type - configuration additionalProperties: false required: - certificateAuthorities additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificates: post: operationId: createCertificate tags: - PKI Certificates requestBody: required: true content: application/json: schema: type: object properties: profileId: type: string format: uuid applicationId: type: string format: uuid csr: type: string minLength: 1 maxLength: 4096 attributes: type: object properties: commonName: type: string minLength: 1 maxLength: 100 nullable: true organization: type: string minLength: 1 maxLength: 100 nullable: true organizationalUnit: type: string minLength: 1 maxLength: 100 nullable: true country: type: string minLength: 1 maxLength: 100 nullable: true state: type: string minLength: 1 maxLength: 100 nullable: true locality: type: string minLength: 1 maxLength: 100 nullable: true keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping altNames: type: array items: type: object properties: type: type: string enum: - dns_name - ip_address - email - uri value: type: string minLength: 1 required: - type - value additionalProperties: false signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s ttl: type: string notBefore: type: string notAfter: type: string basicConstraints: type: object properties: isCA: type: boolean pathLength: type: integer minimum: 0 required: - isCA additionalProperties: false additionalProperties: false removeRootsFromChain: anyOf: - type: boolean - type: string default: false metadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' required: - key additionalProperties: false required: - profileId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: object properties: certificate: type: string issuingCaCertificate: type: string certificateChain: type: string privateKey: type: string serialNumber: type: string certificateId: type: string required: - certificate - issuingCaCertificate - certificateChain - serialNumber - certificateId additionalProperties: false nullable: true certificateRequestId: type: string status: type: string enum: - pending_approval - pending - pending_validation - issued - failed - rejected message: type: string required: - certificate - certificateRequestId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificates/certificate-requests/{requestId}: get: operationId: getCertificateRequest tags: - PKI Certificates parameters: - schema: type: string format: uuid in: path name: requestId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: status: type: string enum: - pending_approval - pending - pending_validation - issued - failed - rejected certificate: type: string nullable: true certificateId: type: string nullable: true privateKey: type: string nullable: true serialNumber: type: string nullable: true errorMessage: type: string nullable: true pendingMessage: type: string nullable: true commonName: type: string nullable: true organization: type: string nullable: true organizationalUnit: type: string nullable: true country: type: string nullable: true state: type: string nullable: true locality: type: string nullable: true basicConstraints: type: object properties: isCA: type: boolean pathLength: type: number required: - isCA additionalProperties: false nullable: true metadata: type: array items: type: object properties: key: type: string value: type: string required: - key - value additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - status - certificate - certificateId - privateKey - serialNumber - errorMessage - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificates/certificate-requests/{requestId}/trigger-validation: post: operationId: triggerCertificateRequestValidation tags: - PKI Certificates description: Manually ask the issuing CA to re-check validation for a pending certificate request parameters: - schema: type: string format: uuid in: path name: requestId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: status: type: string enum: - pending_approval - pending - pending_validation - issued - failed - rejected orderStatus: type: string required: - status additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificates/certificate-requests/search: post: operationId: searchCertificateRequests tags: - PKI Certificates description: Search and filter certificate requests. requestBody: required: true content: application/json: schema: type: object properties: offset: type: number minimum: 0 default: 0 limit: type: number minimum: 1 maximum: 100 default: 20 search: type: string status: type: string enum: - pending_approval - pending - pending_validation - issued - failed - rejected fromDate: type: string format: date-time toDate: type: string format: date-time profileIds: type: array items: type: string format: uuid applicationId: type: string format: uuid description: Filter to certificate requests for profiles attached to a specific Application. sortBy: type: string sortOrder: type: string enum: - asc - desc metadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 required: - key additionalProperties: false additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateRequests: type: array items: type: object properties: id: type: string status: type: string enum: - pending_approval - pending - pending_validation - issued - failed - rejected commonName: type: string nullable: true altNames: type: string nullable: true profileId: type: string nullable: true profileName: type: string nullable: true caId: type: string nullable: true certificateId: type: string nullable: true approvalRequestId: type: string nullable: true errorMessage: type: string nullable: true pendingMessage: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time certificate: type: object properties: id: type: string serialNumber: type: string status: type: string required: - id - serialNumber - status additionalProperties: false nullable: true required: - id - status - commonName - altNames - profileId - profileName - caId - certificateId - approvalRequestId - errorMessage - pendingMessage - createdAt - updatedAt - certificate additionalProperties: false totalCount: type: number required: - certificateRequests - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificates/certificate-requests/{requestId}/cancel: post: operationId: cancelCertificateRequest tags: - PKI Certificates description: Cancel a pending certificate request. parameters: - schema: type: string format: uuid in: path name: requestId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: status: type: string enum: - pending_approval - pending - pending_validation - issued - failed - rejected cancelled: type: boolean errorMessage: type: string nullable: true required: - status - cancelled - errorMessage additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificates/{id}/renew: post: operationId: renewCertificate tags: - PKI Certificates requestBody: required: true content: application/json: schema: anyOf: - not: {} - type: object properties: removeRootsFromChain: anyOf: - type: boolean - type: string default: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string issuingCaCertificate: type: string certificateChain: type: string privateKey: type: string serialNumber: type: string certificateId: type: string certificateRequestId: type: string required: - certificate - issuingCaCertificate - certificateChain - serialNumber - certificateId - certificateRequestId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificates/{id}/config: patch: operationId: updateCertificateRenewalConfig tags: - PKI Certificates requestBody: required: true content: application/json: schema: type: object properties: renewBeforeDays: type: integer minimum: 1 maximum: 30 enableAutoRenewal: type: boolean additionalProperties: false parameters: - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string renewBeforeDays: type: number required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificates/{id}: get: operationId: getCertificate tags: - PKI Certificates description: Get certificate parameters: - schema: type: string in: path name: id required: true description: The ID of the certificate to get. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time caId: type: string format: uuid nullable: true status: type: string serialNumber: type: string friendlyName: type: string commonName: type: string notBefore: type: string format: date-time notAfter: type: string format: date-time revokedAt: type: string format: date-time nullable: true revocationReason: type: number nullable: true altNames: type: string nullable: true caCertId: type: string format: uuid nullable: true certificateTemplateId: type: string format: uuid nullable: true keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true pkiSubscriberId: type: string format: uuid nullable: true profileId: type: string format: uuid nullable: true renewBeforeDays: type: number nullable: true renewedFromCertificateId: type: string format: uuid nullable: true renewedByCertificateId: type: string format: uuid nullable: true renewalError: type: string nullable: true keyAlgorithm: type: string nullable: true signatureAlgorithm: type: string nullable: true subjectOrganization: type: string nullable: true subjectOrganizationalUnit: type: string nullable: true subjectCountry: type: string nullable: true subjectState: type: string nullable: true subjectLocality: type: string nullable: true fingerprintSha256: type: string nullable: true fingerprintSha1: type: string nullable: true isCA: type: boolean nullable: true pathLength: type: number nullable: true source: type: string nullable: true discoveryMetadata: nullable: true externalMetadata: nullable: true applicationId: type: string format: uuid nullable: true subject: type: object properties: commonName: type: string organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false fingerprints: type: object properties: sha256: type: string sha1: type: string required: - sha256 additionalProperties: false basicConstraints: type: object properties: isCA: type: boolean pathLength: type: number required: - isCA additionalProperties: false caName: type: string nullable: true caType: type: string enum: - internal - external nullable: true profileName: type: string nullable: true applicationName: type: string nullable: true metadata: type: array items: type: object properties: key: type: string value: type: string required: - key - value additionalProperties: false required: - id - createdAt - updatedAt - status - serialNumber - friendlyName - commonName - notBefore - notAfter additionalProperties: false required: - certificate additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateCertificate tags: - PKI Certificates description: Update certificate requestBody: required: true content: application/json: schema: type: object properties: metadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' required: - key additionalProperties: false additionalProperties: false parameters: - schema: type: string in: path name: id required: true description: The ID of the certificate to get. responses: '200': description: Default Response content: application/json: schema: type: object properties: metadata: type: array items: type: object properties: key: type: string value: type: string required: - key - value additionalProperties: false required: - metadata additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteCertificate tags: - PKI Certificates description: Delete certificate parameters: - schema: type: string in: path name: id required: true description: The ID of the certificate to delete. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time caId: type: string format: uuid nullable: true status: type: string serialNumber: type: string friendlyName: type: string commonName: type: string notBefore: type: string format: date-time notAfter: type: string format: date-time revokedAt: type: string format: date-time nullable: true revocationReason: type: number nullable: true altNames: type: string nullable: true caCertId: type: string format: uuid nullable: true certificateTemplateId: type: string format: uuid nullable: true keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true pkiSubscriberId: type: string format: uuid nullable: true profileId: type: string format: uuid nullable: true renewBeforeDays: type: number nullable: true renewedFromCertificateId: type: string format: uuid nullable: true renewedByCertificateId: type: string format: uuid nullable: true renewalError: type: string nullable: true keyAlgorithm: type: string nullable: true signatureAlgorithm: type: string nullable: true subjectOrganization: type: string nullable: true subjectOrganizationalUnit: type: string nullable: true subjectCountry: type: string nullable: true subjectState: type: string nullable: true subjectLocality: type: string nullable: true fingerprintSha256: type: string nullable: true fingerprintSha1: type: string nullable: true isCA: type: boolean nullable: true pathLength: type: number nullable: true source: type: string nullable: true discoveryMetadata: nullable: true externalMetadata: nullable: true applicationId: type: string format: uuid nullable: true required: - id - createdAt - updatedAt - status - serialNumber - friendlyName - commonName - notBefore - notAfter additionalProperties: false required: - certificate additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificates/{id}/private-key: get: operationId: getCertificatePrivateKey tags: - PKI Certificates description: Get certificate private key parameters: - schema: type: string in: path name: id required: true description: The ID of the certificate to get. responses: '200': description: Default Response content: application/json: schema: type: string '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificates/{id}/bundle: get: operationId: getCertificateBundle tags: - PKI Certificates description: Get certificate bundle including the certificate, chain, and private key. parameters: - schema: type: string in: path name: id required: true description: The ID of the certificate to get the certificate body and certificate chain for. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The certificate body of the certificate. certificateChain: type: string nullable: true description: The certificate chain of the certificate. privateKey: type: string nullable: true description: The private key of the certificate. serialNumber: type: string description: The serial number of the certificate. required: - certificate - certificateChain - privateKey - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificates/import-certificate: post: operationId: importCertificate tags: - PKI Certificates description: Import certificate requestBody: required: true content: application/json: schema: type: object properties: certificatePem: type: string minLength: 1 description: The PEM-encoded leaf certificate. privateKeyPem: type: string minLength: 1 description: Optional PEM-encoded private key associated with the certificate. chainPem: type: string minLength: 1 description: Optional PEM-encoded chain of intermediate certificates. friendlyName: type: string description: A friendly name for the certificate. pkiCollectionId: type: string description: The ID of the PKI collection to add the certificate to. applicationId: type: string format: uuid required: - certificatePem additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The imported certificate. certificateChain: type: string description: The certificate chain associated with the imported certificate. Returned only when a chain was supplied at import. privateKey: type: string description: The PEM-encoded private key associated with the imported certificate. Returned only when a private key was supplied at import. serialNumber: type: string description: The serial number of the imported certificate. required: - certificate - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificates/{id}/revoke: post: operationId: revokeCertificate tags: - PKI Certificates description: Revoke requestBody: required: true content: application/json: schema: type: object properties: revocationReason: type: string enum: - UNSPECIFIED - KEY_COMPROMISE - CA_COMPROMISE - AFFILIATION_CHANGED - SUPERSEDED - CESSATION_OF_OPERATION - CERTIFICATE_HOLD - PRIVILEGE_WITHDRAWN - A_A_COMPROMISE description: The reason for revoking the certificate. required: - revocationReason additionalProperties: false parameters: - schema: type: string in: path name: id required: true description: The ID of the certificate to revoke. responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string serialNumber: type: string description: The serial number of the revoked certificate. revokedAt: type: string format: date-time description: The date and time when the certificate was revoked. required: - message - serialNumber - revokedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificates/{id}/application: post: operationId: assignCertificateToApplication tags: - PKI Certificates description: Assign a certificate to an Application. Only certificates that aren't already attached to an Application can be assigned; once attached the binding cannot be moved. requestBody: required: true content: application/json: schema: type: object properties: applicationId: type: string format: uuid required: - applicationId additionalProperties: false parameters: - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time caId: type: string format: uuid nullable: true status: type: string serialNumber: type: string friendlyName: type: string commonName: type: string notBefore: type: string format: date-time notAfter: type: string format: date-time revokedAt: type: string format: date-time nullable: true revocationReason: type: number nullable: true altNames: type: string nullable: true caCertId: type: string format: uuid nullable: true certificateTemplateId: type: string format: uuid nullable: true keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true pkiSubscriberId: type: string format: uuid nullable: true profileId: type: string format: uuid nullable: true renewBeforeDays: type: number nullable: true renewedFromCertificateId: type: string format: uuid nullable: true renewedByCertificateId: type: string format: uuid nullable: true renewalError: type: string nullable: true keyAlgorithm: type: string nullable: true signatureAlgorithm: type: string nullable: true subjectOrganization: type: string nullable: true subjectOrganizationalUnit: type: string nullable: true subjectCountry: type: string nullable: true subjectState: type: string nullable: true subjectLocality: type: string nullable: true fingerprintSha256: type: string nullable: true fingerprintSha1: type: string nullable: true isCA: type: boolean nullable: true pathLength: type: number nullable: true source: type: string nullable: true discoveryMetadata: nullable: true externalMetadata: nullable: true applicationId: type: string format: uuid nullable: true required: - id - createdAt - updatedAt - status - serialNumber - friendlyName - commonName - notBefore - notAfter additionalProperties: false required: - certificate additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificates/{id}/certificate: get: operationId: getCertificateBody tags: - PKI Certificates description: Get certificate body of certificate parameters: - schema: type: string in: path name: id required: true description: The ID of the certificate to get the certificate body and certificate chain for. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The certificate body of the certificate. certificateChain: type: string nullable: true description: The certificate chain of the certificate. serialNumber: type: string description: The serial number of the certificate. required: - certificate - certificateChain - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificate-policies: post: operationId: createCertificatePolicy tags: - PKI Certificate Policies requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 255 description: type: string maxLength: 1000 subject: type: array items: type: object properties: type: type: string enum: - common_name - organization - country - state - locality - organizational_unit allowed: type: array items: type: string required: type: array items: type: string denied: type: array items: type: string required: - type additionalProperties: false sans: type: array items: type: object properties: type: type: string enum: - dns_name - ip_address - email - uri allowed: type: array items: type: string required: type: array items: type: string denied: type: array items: type: string required: - type additionalProperties: false keyUsages: type: object properties: allowed: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only required: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only denied: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only additionalProperties: false extendedKeyUsages: type: object properties: allowed: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping required: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping denied: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping additionalProperties: false algorithms: type: object properties: signature: type: array items: type: string minItems: 1 keyAlgorithm: type: array items: type: string minItems: 1 additionalProperties: false validity: type: object properties: max: type: string additionalProperties: false basicConstraints: type: object properties: isCA: type: string enum: - allowed - required - denied maxPathLength: type: integer minimum: -1 additionalProperties: false nullable: true required: - name additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: certificatePolicy: type: object properties: id: type: string format: uuid name: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9-_]+$ description: type: string maxLength: 1000 nullable: true subject: type: array items: type: object properties: type: type: string enum: - common_name - organization - country - state - locality - organizational_unit allowed: type: array items: type: string minLength: 1 required: type: array items: type: string minLength: 1 denied: type: array items: type: string minLength: 1 required: - type additionalProperties: false sans: type: array items: type: object properties: type: type: string enum: - dns_name - ip_address - email - uri allowed: type: array items: type: string minLength: 1 required: type: array items: type: string minLength: 1 denied: type: array items: type: string minLength: 1 required: - type additionalProperties: false keyUsages: type: object properties: allowed: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only required: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only denied: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only additionalProperties: false extendedKeyUsages: type: object properties: allowed: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping required: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping denied: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping additionalProperties: false algorithms: type: object properties: signature: type: array items: type: string minLength: 1 minItems: 1 keyAlgorithm: type: array items: type: string minLength: 1 minItems: 1 additionalProperties: false validity: type: object properties: max: type: string pattern: ^\d+[dhmy]$ additionalProperties: false basicConstraints: type: object properties: isCA: type: string enum: - allowed - required - denied maxPathLength: type: integer minimum: -1 additionalProperties: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - createdAt - updatedAt additionalProperties: false required: - certificatePolicy additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listCertificatePolicies tags: - PKI Certificate Policies parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false - schema: type: number minimum: 1 maximum: 100 default: 20 in: query name: limit required: false - schema: type: string in: query name: search required: false responses: '200': description: Default Response content: application/json: schema: type: object properties: certificatePolicies: type: array items: type: object properties: id: type: string format: uuid name: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9-_]+$ description: type: string maxLength: 1000 nullable: true subject: type: array items: type: object properties: type: type: string enum: - common_name - organization - country - state - locality - organizational_unit allowed: type: array items: type: string minLength: 1 required: type: array items: type: string minLength: 1 denied: type: array items: type: string minLength: 1 required: - type additionalProperties: false sans: type: array items: type: object properties: type: type: string enum: - dns_name - ip_address - email - uri allowed: type: array items: type: string minLength: 1 required: type: array items: type: string minLength: 1 denied: type: array items: type: string minLength: 1 required: - type additionalProperties: false keyUsages: type: object properties: allowed: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only required: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only denied: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only additionalProperties: false extendedKeyUsages: type: object properties: allowed: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping required: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping denied: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping additionalProperties: false algorithms: type: object properties: signature: type: array items: type: string minLength: 1 minItems: 1 keyAlgorithm: type: array items: type: string minLength: 1 minItems: 1 additionalProperties: false validity: type: object properties: max: type: string pattern: ^\d+[dhmy]$ additionalProperties: false basicConstraints: type: object properties: isCA: type: string enum: - allowed - required - denied maxPathLength: type: integer minimum: -1 additionalProperties: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - createdAt - updatedAt additionalProperties: false totalCount: type: number required: - certificatePolicies - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificate-policies/{id}: get: operationId: getCertificatePolicy tags: - PKI Certificate Policies parameters: - schema: type: string format: uuid in: query name: applicationId required: false - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificatePolicy: type: object properties: id: type: string format: uuid name: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9-_]+$ description: type: string maxLength: 1000 nullable: true subject: type: array items: type: object properties: type: type: string enum: - common_name - organization - country - state - locality - organizational_unit allowed: type: array items: type: string minLength: 1 required: type: array items: type: string minLength: 1 denied: type: array items: type: string minLength: 1 required: - type additionalProperties: false sans: type: array items: type: object properties: type: type: string enum: - dns_name - ip_address - email - uri allowed: type: array items: type: string minLength: 1 required: type: array items: type: string minLength: 1 denied: type: array items: type: string minLength: 1 required: - type additionalProperties: false keyUsages: type: object properties: allowed: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only required: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only denied: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only additionalProperties: false extendedKeyUsages: type: object properties: allowed: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping required: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping denied: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping additionalProperties: false algorithms: type: object properties: signature: type: array items: type: string minLength: 1 minItems: 1 keyAlgorithm: type: array items: type: string minLength: 1 minItems: 1 additionalProperties: false validity: type: object properties: max: type: string pattern: ^\d+[dhmy]$ additionalProperties: false basicConstraints: type: object properties: isCA: type: string enum: - allowed - required - denied maxPathLength: type: integer minimum: -1 additionalProperties: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - createdAt - updatedAt additionalProperties: false required: - certificatePolicy additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateCertificatePolicy tags: - PKI Certificate Policies requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 255 description: type: string maxLength: 1000 subject: type: array items: type: object properties: type: type: string enum: - common_name - organization - country - state - locality - organizational_unit allowed: type: array items: type: string required: type: array items: type: string denied: type: array items: type: string required: - type additionalProperties: false sans: type: array items: type: object properties: type: type: string enum: - dns_name - ip_address - email - uri allowed: type: array items: type: string required: type: array items: type: string denied: type: array items: type: string required: - type additionalProperties: false keyUsages: type: object properties: allowed: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only required: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only denied: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only additionalProperties: false extendedKeyUsages: type: object properties: allowed: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping required: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping denied: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping additionalProperties: false algorithms: type: object properties: signature: type: array items: type: string minItems: 1 keyAlgorithm: type: array items: type: string minItems: 1 additionalProperties: false validity: type: object properties: max: type: string additionalProperties: false basicConstraints: type: object properties: isCA: type: string enum: - allowed - required - denied maxPathLength: type: integer minimum: -1 additionalProperties: false nullable: true additionalProperties: false parameters: - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificatePolicy: type: object properties: id: type: string format: uuid name: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9-_]+$ description: type: string maxLength: 1000 nullable: true subject: type: array items: type: object properties: type: type: string enum: - common_name - organization - country - state - locality - organizational_unit allowed: type: array items: type: string minLength: 1 required: type: array items: type: string minLength: 1 denied: type: array items: type: string minLength: 1 required: - type additionalProperties: false sans: type: array items: type: object properties: type: type: string enum: - dns_name - ip_address - email - uri allowed: type: array items: type: string minLength: 1 required: type: array items: type: string minLength: 1 denied: type: array items: type: string minLength: 1 required: - type additionalProperties: false keyUsages: type: object properties: allowed: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only required: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only denied: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only additionalProperties: false extendedKeyUsages: type: object properties: allowed: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping required: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping denied: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping additionalProperties: false algorithms: type: object properties: signature: type: array items: type: string minLength: 1 minItems: 1 keyAlgorithm: type: array items: type: string minLength: 1 minItems: 1 additionalProperties: false validity: type: object properties: max: type: string pattern: ^\d+[dhmy]$ additionalProperties: false basicConstraints: type: object properties: isCA: type: string enum: - allowed - required - denied maxPathLength: type: integer minimum: -1 additionalProperties: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - createdAt - updatedAt additionalProperties: false required: - certificatePolicy additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteCertificatePolicy tags: - PKI Certificate Policies parameters: - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificatePolicy: type: object properties: id: type: string format: uuid name: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9-_]+$ description: type: string maxLength: 1000 nullable: true subject: type: array items: type: object properties: type: type: string enum: - common_name - organization - country - state - locality - organizational_unit allowed: type: array items: type: string minLength: 1 required: type: array items: type: string minLength: 1 denied: type: array items: type: string minLength: 1 required: - type additionalProperties: false sans: type: array items: type: object properties: type: type: string enum: - dns_name - ip_address - email - uri allowed: type: array items: type: string minLength: 1 required: type: array items: type: string minLength: 1 denied: type: array items: type: string minLength: 1 required: - type additionalProperties: false keyUsages: type: object properties: allowed: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only required: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only denied: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only additionalProperties: false extendedKeyUsages: type: object properties: allowed: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping required: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping denied: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping additionalProperties: false algorithms: type: object properties: signature: type: array items: type: string minLength: 1 minItems: 1 keyAlgorithm: type: array items: type: string minLength: 1 minItems: 1 additionalProperties: false validity: type: object properties: max: type: string pattern: ^\d+[dhmy]$ additionalProperties: false basicConstraints: type: object properties: isCA: type: string enum: - allowed - required - denied maxPathLength: type: integer minimum: -1 additionalProperties: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - createdAt - updatedAt additionalProperties: false required: - certificatePolicy additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificate-profiles: post: operationId: createCertificateProfile tags: - PKI Certificate Profiles requestBody: required: true content: application/json: schema: type: object properties: caId: type: string format: uuid certificatePolicyId: type: string format: uuid slug: type: string minLength: 1 maxLength: 255 pattern: ^[a-z0-9-]+$ description: type: string maxLength: 1000 issuerType: type: string enum: - ca - self-signed default: ca externalConfigs: anyOf: - type: object properties: template: type: string minLength: 1 description: Certificate template name for Azure AD CS required: - template additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false nullable: true defaults: type: object properties: ttlDays: type: integer exclusiveMinimum: true minimum: 0 commonName: type: string keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping basicConstraints: type: object properties: isCA: type: boolean pathLength: type: integer minimum: 0 required: - isCA additionalProperties: false organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false nullable: true required: - certificatePolicyId - slug additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateProfile: type: object properties: id: type: string format: uuid caId: type: string format: uuid nullable: true certificatePolicyId: type: string format: uuid slug: type: string description: type: string nullable: true enrollmentType: type: string estConfigId: type: string format: uuid nullable: true apiConfigId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time acmeConfigId: type: string format: uuid nullable: true issuerType: type: string default: ca externalConfigs: anyOf: - type: object properties: template: type: string minLength: 1 description: Certificate template name for Azure AD CS required: - template additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false nullable: true defaults: type: object properties: ttlDays: type: number commonName: type: string keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping basicConstraints: type: object properties: isCA: type: boolean pathLength: type: number required: - isCA additionalProperties: false organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false nullable: true scepConfigId: type: string format: uuid nullable: true required: - id - certificatePolicyId - slug - enrollmentType - createdAt - updatedAt additionalProperties: false required: - certificateProfile additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listCertificateProfiles tags: - PKI Certificate Profiles parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false - schema: type: number minimum: 1 maximum: 100 default: 20 in: query name: limit required: false - schema: type: string in: query name: search required: false - schema: type: string enum: - api - est - acme - scep in: query name: enrollmentType required: false - schema: type: string enum: - ca - self-signed in: query name: issuerType required: false - schema: type: string format: uuid in: query name: caId required: false - schema: type: string format: uuid in: query name: applicationId required: false responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateProfiles: type: array items: type: object properties: id: type: string format: uuid caId: type: string format: uuid nullable: true certificatePolicyId: type: string format: uuid slug: type: string description: type: string nullable: true enrollmentType: type: string estConfigId: type: string format: uuid nullable: true apiConfigId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time acmeConfigId: type: string format: uuid nullable: true issuerType: type: string default: ca externalConfigs: anyOf: - type: object properties: template: type: string minLength: 1 description: Certificate template name for Azure AD CS required: - template additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false nullable: true defaults: type: object properties: ttlDays: type: number commonName: type: string keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping basicConstraints: type: object properties: isCA: type: boolean pathLength: type: number required: - isCA additionalProperties: false organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false nullable: true scepConfigId: type: string format: uuid nullable: true certificateAuthority: type: object properties: id: type: string status: type: string name: type: string isExternal: type: boolean externalType: type: string nullable: true required: - id - status - name additionalProperties: false metrics: type: object properties: profileId: type: string totalCertificates: type: number activeCertificates: type: number expiredCertificates: type: number expiringCertificates: type: number revokedCertificates: type: number required: - profileId - totalCertificates - activeCertificates - expiredCertificates - expiringCertificates - revokedCertificates additionalProperties: false estConfig: type: object properties: id: type: string disableBootstrapCaValidation: type: boolean passphrase: type: string caChain: type: string required: - id - disableBootstrapCaValidation additionalProperties: false apiConfig: type: object properties: id: type: string autoRenew: type: boolean renewBeforeDays: type: number required: - id - autoRenew additionalProperties: false acmeConfig: type: object properties: id: type: string directoryUrl: type: string skipDnsOwnershipVerification: type: boolean skipEabBinding: type: boolean required: - id - directoryUrl additionalProperties: false scepConfig: type: object properties: id: type: string scepEndpointUrl: type: string raCertificatePem: type: string raCertExpiresAt: type: string format: date-time includeCaCertInResponse: type: boolean allowCertBasedRenewal: type: boolean challengeType: type: string challengeEndpointUrl: type: string dynamicChallengeExpiryMinutes: type: number dynamicChallengeMaxPending: type: number required: - id - scepEndpointUrl - raCertificatePem - raCertExpiresAt - includeCaCertInResponse - allowCertBasedRenewal - challengeType additionalProperties: false required: - id - certificatePolicyId - slug - enrollmentType - createdAt - updatedAt additionalProperties: false totalCount: type: number required: - certificateProfiles - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificate-profiles/{id}: get: operationId: getCertificateProfile tags: - PKI Certificate Profiles parameters: - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateProfile: type: object properties: id: type: string format: uuid caId: type: string format: uuid nullable: true certificatePolicyId: type: string format: uuid slug: type: string description: type: string nullable: true enrollmentType: type: string estConfigId: type: string format: uuid nullable: true apiConfigId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time acmeConfigId: type: string format: uuid nullable: true issuerType: type: string default: ca externalConfigs: anyOf: - type: object properties: template: type: string minLength: 1 description: Certificate template name for Azure AD CS required: - template additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false nullable: true defaults: type: object properties: ttlDays: type: number commonName: type: string keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping basicConstraints: type: object properties: isCA: type: boolean pathLength: type: number required: - isCA additionalProperties: false organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false nullable: true scepConfigId: type: string format: uuid nullable: true certificateAuthority: type: object properties: id: type: string status: type: string name: type: string isExternal: type: boolean externalType: type: string nullable: true required: - id - status - name additionalProperties: false certificatePolicy: type: object properties: id: type: string name: type: string description: type: string required: - id - name additionalProperties: false estConfig: type: object properties: id: type: string disableBootstrapCaValidation: type: boolean caChain: type: string required: - id - disableBootstrapCaValidation additionalProperties: false apiConfig: type: object properties: id: type: string autoRenew: type: boolean renewBeforeDays: type: number required: - id - autoRenew additionalProperties: false acmeConfig: type: object properties: id: type: string directoryUrl: type: string skipDnsOwnershipVerification: type: boolean skipEabBinding: type: boolean required: - id - directoryUrl additionalProperties: false scepConfig: type: object properties: id: type: string scepEndpointUrl: type: string raCertificatePem: type: string raCertExpiresAt: type: string format: date-time includeCaCertInResponse: type: boolean allowCertBasedRenewal: type: boolean challengeType: type: string challengeEndpointUrl: type: string dynamicChallengeExpiryMinutes: type: number dynamicChallengeMaxPending: type: number required: - id - scepEndpointUrl - raCertificatePem - raCertExpiresAt - includeCaCertInResponse - allowCertBasedRenewal - challengeType additionalProperties: false required: - id - certificatePolicyId - slug - enrollmentType - createdAt - updatedAt additionalProperties: false required: - certificateProfile additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateCertificateProfile tags: - PKI Certificate Profiles requestBody: required: true content: application/json: schema: type: object properties: slug: type: string minLength: 1 maxLength: 255 pattern: ^[a-z0-9-]+$ description: type: string maxLength: 1000 nullable: true issuerType: type: string enum: - ca - self-signed externalConfigs: anyOf: - type: object properties: template: type: string minLength: 1 description: Certificate template name for Azure AD CS required: - template additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false nullable: true defaults: type: object properties: ttlDays: type: integer exclusiveMinimum: true minimum: 0 commonName: type: string keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping basicConstraints: type: object properties: isCA: type: boolean pathLength: type: integer minimum: 0 required: - isCA additionalProperties: false organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false nullable: true additionalProperties: false parameters: - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateProfile: type: object properties: id: type: string format: uuid caId: type: string format: uuid nullable: true certificatePolicyId: type: string format: uuid slug: type: string description: type: string nullable: true enrollmentType: type: string estConfigId: type: string format: uuid nullable: true apiConfigId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time acmeConfigId: type: string format: uuid nullable: true issuerType: type: string default: ca externalConfigs: anyOf: - type: object properties: template: type: string minLength: 1 description: Certificate template name for Azure AD CS required: - template additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false nullable: true defaults: type: object properties: ttlDays: type: number commonName: type: string keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping basicConstraints: type: object properties: isCA: type: boolean pathLength: type: number required: - isCA additionalProperties: false organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false nullable: true scepConfigId: type: string format: uuid nullable: true required: - id - certificatePolicyId - slug - enrollmentType - createdAt - updatedAt additionalProperties: false required: - certificateProfile additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteCertificateProfile tags: - PKI Certificate Profiles parameters: - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateProfile: type: object properties: id: type: string format: uuid caId: type: string format: uuid nullable: true certificatePolicyId: type: string format: uuid slug: type: string description: type: string nullable: true enrollmentType: type: string estConfigId: type: string format: uuid nullable: true apiConfigId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time acmeConfigId: type: string format: uuid nullable: true issuerType: type: string default: ca externalConfigs: anyOf: - type: object properties: template: type: string minLength: 1 description: Certificate template name for Azure AD CS required: - template additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false nullable: true defaults: type: object properties: ttlDays: type: number commonName: type: string keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping basicConstraints: type: object properties: isCA: type: boolean pathLength: type: number required: - isCA additionalProperties: false organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false nullable: true scepConfigId: type: string format: uuid nullable: true required: - id - certificatePolicyId - slug - enrollmentType - createdAt - updatedAt additionalProperties: false required: - certificateProfile additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificate-profiles/slug/{slug}: get: operationId: getCertificateProfileBySlug tags: - PKI Certificate Profiles parameters: - schema: type: string minLength: 1 in: path name: slug required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateProfile: type: object properties: id: type: string format: uuid caId: type: string format: uuid nullable: true certificatePolicyId: type: string format: uuid slug: type: string description: type: string nullable: true enrollmentType: type: string estConfigId: type: string format: uuid nullable: true apiConfigId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time acmeConfigId: type: string format: uuid nullable: true issuerType: type: string default: ca externalConfigs: anyOf: - type: object properties: template: type: string minLength: 1 description: Certificate template name for Azure AD CS required: - template additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false nullable: true defaults: type: object properties: ttlDays: type: number commonName: type: string keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping basicConstraints: type: object properties: isCA: type: boolean pathLength: type: number required: - isCA additionalProperties: false organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false nullable: true scepConfigId: type: string format: uuid nullable: true required: - id - certificatePolicyId - slug - enrollmentType - createdAt - updatedAt additionalProperties: false required: - certificateProfile additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificate-profiles/{id}/certificates: get: operationId: listCertificateProfileCertificates tags: - PKI Certificate Profiles parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false - schema: type: number minimum: 1 maximum: 100 default: 20 in: query name: limit required: false - schema: type: string enum: - active - expired - revoked in: query name: status required: false - schema: type: string in: query name: search required: false - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificates: type: array items: type: object properties: id: type: string serialNumber: type: string cn: type: string status: type: string notBefore: type: string format: date-time notAfter: type: string format: date-time revokedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time required: - id - serialNumber - cn - status - notBefore - notAfter - createdAt additionalProperties: false required: - certificates additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificate-profiles/{id}/certificates/latest-active-bundle: get: operationId: getCertificateProfileLatestActiveBundle tags: - PKI Certificate Profiles description: Get latest active certificate bundle for a profile parameters: - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string nullable: true certificateChain: type: string nullable: true privateKey: type: string nullable: true serialNumber: type: string nullable: true required: - certificate - certificateChain - privateKey - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificate-profiles/{id}/acme/eab-secret/reveal: get: operationId: revealCertificateProfileAcmeEabSecret tags: - PKI Certificate Profiles parameters: - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: eabKid: type: string eabSecret: type: string required: - eabKid - eabSecret additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/alerts: post: operationId: createPkiAlertV1 tags: - PKI Alerting description: Create a new PKI alert requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 255 description: type: string maxLength: 1000 eventType: type: string enum: - expiration - renewal - issuance - revocation alertBefore: type: string filters: type: array items: type: object properties: field: type: string enum: - profile_name - common_name - san - include_cas operator: type: string enum: - equals - matches - contains - starts_with - ends_with value: anyOf: - type: string - type: array items: type: string - type: boolean required: - field - operator - value additionalProperties: false enabled: type: boolean default: true notificationConfig: type: object properties: enableDailyNotification: type: boolean default: false additionalProperties: false nullable: true channels: type: array items: type: object properties: id: type: string format: uuid channelType: type: string enum: - email - webhook - slack - pagerduty config: anyOf: - type: object properties: recipients: type: array items: type: string format: email minItems: 1 maxItems: 10 required: - recipients additionalProperties: false - type: object properties: url: type: string format: uri signingSecret: type: string maxLength: 256 nullable: true required: - url additionalProperties: false - type: object properties: webhookUrl: type: string format: uri required: - webhookUrl additionalProperties: false - type: object properties: integrationKey: type: string required: - integrationKey additionalProperties: false enabled: type: boolean default: true required: - channelType - config additionalProperties: false minItems: 1 maxItems: 10 applicationId: type: string format: uuid description: Optional Application this alert is scoped to required: - name - eventType - filters - channels additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: alert: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true eventType: type: string enum: - expiration - renewal - issuance - revocation alertBefore: type: string filters: type: array items: type: object properties: field: type: string enum: - profile_name - common_name - san - include_cas operator: type: string enum: - equals - matches - contains - starts_with - ends_with value: anyOf: - type: string - type: array items: type: string - type: boolean required: - field - operator - value additionalProperties: false enabled: type: boolean applicationId: type: string format: uuid nullable: true notificationConfig: type: object properties: enableDailyNotification: type: boolean default: false additionalProperties: false nullable: true channels: type: array items: type: object properties: id: type: string format: uuid channelType: type: string enum: - email - webhook - slack - pagerduty config: type: object additionalProperties: {} enabled: type: boolean createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - channelType - config - enabled - createdAt - updatedAt additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - description - eventType - filters - enabled - applicationId - notificationConfig - channels - createdAt - updatedAt additionalProperties: false required: - alert additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listPkiAlertsV1 tags: - PKI Alerting description: List PKI alerts for a project parameters: - schema: type: string format: uuid in: query name: applicationId required: false - schema: type: string in: query name: search required: false - schema: type: string enum: - expiration - renewal - issuance - revocation in: query name: eventType required: false - schema: type: boolean in: query name: enabled required: false - schema: type: number minimum: 1 maximum: 100 default: 20 in: query name: limit required: false - schema: type: number minimum: 0 default: 0 in: query name: offset required: false responses: '200': description: Default Response content: application/json: schema: type: object properties: alerts: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true eventType: type: string enum: - expiration - renewal - issuance - revocation alertBefore: type: string filters: type: array items: type: object properties: field: type: string enum: - profile_name - common_name - san - include_cas operator: type: string enum: - equals - matches - contains - starts_with - ends_with value: anyOf: - type: string - type: array items: type: string - type: boolean required: - field - operator - value additionalProperties: false enabled: type: boolean applicationId: type: string format: uuid nullable: true notificationConfig: type: object properties: enableDailyNotification: type: boolean default: false additionalProperties: false nullable: true channels: type: array items: type: object properties: id: type: string format: uuid channelType: type: string enum: - email - webhook - slack - pagerduty config: type: object additionalProperties: {} enabled: type: boolean createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - channelType - config - enabled - createdAt - updatedAt additionalProperties: false lastRun: type: object properties: timestamp: type: string format: date-time status: type: string enum: - success - failed error: type: string nullable: true required: - timestamp - status - error additionalProperties: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - description - eventType - filters - enabled - applicationId - notificationConfig - channels - lastRun - createdAt - updatedAt additionalProperties: false total: type: number required: - alerts - total additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/alerts/{alertId}: get: operationId: getPkiAlertV1 tags: - PKI Alerting description: Get a PKI alert by ID parameters: - schema: type: string format: uuid in: path name: alertId required: true description: Alert ID responses: '200': description: Default Response content: application/json: schema: type: object properties: alert: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true eventType: type: string enum: - expiration - renewal - issuance - revocation alertBefore: type: string filters: type: array items: type: object properties: field: type: string enum: - profile_name - common_name - san - include_cas operator: type: string enum: - equals - matches - contains - starts_with - ends_with value: anyOf: - type: string - type: array items: type: string - type: boolean required: - field - operator - value additionalProperties: false enabled: type: boolean applicationId: type: string format: uuid nullable: true notificationConfig: type: object properties: enableDailyNotification: type: boolean default: false additionalProperties: false nullable: true channels: type: array items: type: object properties: id: type: string format: uuid channelType: type: string enum: - email - webhook - slack - pagerduty config: type: object additionalProperties: {} enabled: type: boolean createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - channelType - config - enabled - createdAt - updatedAt additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - description - eventType - filters - enabled - applicationId - notificationConfig - channels - createdAt - updatedAt additionalProperties: false required: - alert additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updatePkiAlertV1 tags: - PKI Alerting description: Update a PKI alert requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 255 description: type: string maxLength: 1000 eventType: type: string enum: - expiration - renewal - issuance - revocation alertBefore: type: string filters: type: array items: type: object properties: field: type: string enum: - profile_name - common_name - san - include_cas operator: type: string enum: - equals - matches - contains - starts_with - ends_with value: anyOf: - type: string - type: array items: type: string - type: boolean required: - field - operator - value additionalProperties: false enabled: type: boolean default: true notificationConfig: type: object properties: enableDailyNotification: type: boolean default: false additionalProperties: false nullable: true channels: type: array items: type: object properties: id: type: string format: uuid channelType: type: string enum: - email - webhook - slack - pagerduty config: anyOf: - type: object properties: recipients: type: array items: type: string format: email minItems: 1 maxItems: 10 required: - recipients additionalProperties: false - type: object properties: url: type: string format: uri signingSecret: type: string maxLength: 256 nullable: true required: - url additionalProperties: false - type: object properties: webhookUrl: type: string format: uri required: - webhookUrl additionalProperties: false - type: object properties: integrationKey: type: string required: - integrationKey additionalProperties: false enabled: type: boolean default: true required: - channelType - config additionalProperties: false minItems: 1 maxItems: 10 additionalProperties: false parameters: - schema: type: string format: uuid in: path name: alertId required: true description: Alert ID responses: '200': description: Default Response content: application/json: schema: type: object properties: alert: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true eventType: type: string enum: - expiration - renewal - issuance - revocation alertBefore: type: string filters: type: array items: type: object properties: field: type: string enum: - profile_name - common_name - san - include_cas operator: type: string enum: - equals - matches - contains - starts_with - ends_with value: anyOf: - type: string - type: array items: type: string - type: boolean required: - field - operator - value additionalProperties: false enabled: type: boolean applicationId: type: string format: uuid nullable: true notificationConfig: type: object properties: enableDailyNotification: type: boolean default: false additionalProperties: false nullable: true channels: type: array items: type: object properties: id: type: string format: uuid channelType: type: string enum: - email - webhook - slack - pagerduty config: type: object additionalProperties: {} enabled: type: boolean createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - channelType - config - enabled - createdAt - updatedAt additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - description - eventType - filters - enabled - applicationId - notificationConfig - channels - createdAt - updatedAt additionalProperties: false required: - alert additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deletePkiAlertV1 tags: - PKI Alerting description: Delete a PKI alert parameters: - schema: type: string format: uuid in: path name: alertId required: true description: Alert ID responses: '200': description: Default Response content: application/json: schema: type: object properties: alert: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true eventType: type: string enum: - expiration - renewal - issuance - revocation alertBefore: type: string filters: type: array items: type: object properties: field: type: string enum: - profile_name - common_name - san - include_cas operator: type: string enum: - equals - matches - contains - starts_with - ends_with value: anyOf: - type: string - type: array items: type: string - type: boolean required: - field - operator - value additionalProperties: false enabled: type: boolean applicationId: type: string format: uuid nullable: true notificationConfig: type: object properties: enableDailyNotification: type: boolean default: false additionalProperties: false nullable: true channels: type: array items: type: object properties: id: type: string format: uuid channelType: type: string enum: - email - webhook - slack - pagerduty config: type: object additionalProperties: {} enabled: type: boolean createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - channelType - config - enabled - createdAt - updatedAt additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - description - eventType - filters - enabled - applicationId - notificationConfig - channels - createdAt - updatedAt additionalProperties: false required: - alert additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/alerts/{alertId}/certificates: get: tags: - PKI Alerting description: List certificates that match an alert's filter rules parameters: - schema: type: number minimum: 1 maximum: 100 default: 20 in: query name: limit required: false - schema: type: number minimum: 0 default: 0 in: query name: offset required: false - schema: type: string format: uuid in: path name: alertId required: true description: Alert ID responses: '200': description: Default Response content: application/json: schema: type: object properties: certificates: type: array items: type: object properties: id: type: string format: uuid serialNumber: type: string commonName: type: string san: type: array items: type: string profileName: type: string nullable: true enrollmentType: type: string nullable: true notBefore: type: string format: date-time notAfter: type: string format: date-time status: type: string required: - id - serialNumber - commonName - san - profileName - enrollmentType - notBefore - notAfter - status additionalProperties: false total: type: number required: - certificates - total additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/alerts/preview/certificates: post: operationId: previewPkiAlertCertificatesV1 tags: - PKI Alerting description: Preview certificates that would match the given filter rules requestBody: required: true content: application/json: schema: type: object properties: filters: type: array items: type: object properties: field: type: string enum: - profile_name - common_name - san - include_cas operator: type: string enum: - equals - matches - contains - starts_with - ends_with value: anyOf: - type: string - type: array items: type: string - type: boolean required: - field - operator - value additionalProperties: false alertBefore: type: string description: Alert timing (e.g., '30d', '1w'). Required for expiration previews, omit for other event types. limit: type: number minimum: 1 maximum: 100 default: 20 offset: type: number minimum: 0 default: 0 required: - filters additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: certificates: type: array items: type: object properties: id: type: string format: uuid serialNumber: type: string commonName: type: string san: type: array items: type: string profileName: type: string nullable: true enrollmentType: type: string nullable: true notBefore: type: string format: date-time notAfter: type: string format: date-time status: type: string required: - id - serialNumber - commonName - san - profileName - enrollmentType - notBefore - notAfter - status additionalProperties: false total: type: number required: - certificates - total additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications: post: operationId: createPkiApplication tags: - PKI Applications description: Create an application. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: type: string maxLength: 256 profileIds: type: array items: type: string format: uuid required: - name additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: application: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - createdAt - updatedAt additionalProperties: false required: - application additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listPkiApplications tags: - PKI Applications description: List applications. parameters: - schema: type: string in: query name: search required: false - schema: type: integer minimum: 1 maximum: 100 default: 20 in: query name: limit required: false - schema: type: integer minimum: 0 default: 0 in: query name: offset required: false - schema: allOf: - anyOf: - not: {} - type: string - anyOf: - not: {} - type: array items: type: string format: uuid in: query name: applicationIds required: false responses: '200': description: Default Response content: application/json: schema: type: object properties: applications: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time profileCount: type: integer minimum: 0 memberCount: type: integer minimum: 0 certificateCount: type: integer minimum: 0 required: - id - name - createdAt - updatedAt - profileCount - memberCount - certificateCount additionalProperties: false total: type: integer minimum: 0 required: - applications - total additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}: get: operationId: getPkiApplication tags: - PKI Applications description: Get an application by id. parameters: - schema: type: string format: uuid in: path name: applicationId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: application: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - createdAt - updatedAt additionalProperties: false required: - application additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updatePkiApplication tags: - PKI Applications description: Update an application. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: type: string maxLength: 256 nullable: true additionalProperties: false parameters: - schema: type: string format: uuid in: path name: applicationId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: application: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - createdAt - updatedAt additionalProperties: false required: - application additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deletePkiApplication tags: - PKI Applications description: Delete an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: application: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - createdAt - updatedAt additionalProperties: false required: - application additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/by-name/{name}: get: operationId: getPkiApplicationByName tags: - PKI Applications description: Get an application by name. parameters: - schema: type: string minLength: 1 maxLength: 64 in: path name: name required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: application: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - createdAt - updatedAt additionalProperties: false required: - application additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/permissions: get: operationId: getPkiApplicationPermissions tags: - PKI Applications description: Get the actor's effective resource permissions on this application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: data: type: object properties: permissions: type: array memberships: type: array items: type: object properties: id: type: string actorUserId: type: string nullable: true actorIdentityId: type: string nullable: true actorGroupId: type: string nullable: true roles: type: array items: type: object properties: role: type: string customRoleSlug: type: string nullable: true required: - role additionalProperties: false required: - id - roles additionalProperties: false required: - permissions - memberships additionalProperties: false required: - data additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/profiles: get: operationId: listPkiApplicationProfiles tags: - PKI Applications description: List profiles attached to an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: profiles: type: array items: type: object properties: applicationId: type: string format: uuid profileId: type: string format: uuid profileSlug: type: string profileDescription: type: string nullable: true estConfigId: type: string format: uuid nullable: true apiConfigId: type: string format: uuid nullable: true acmeConfigId: type: string format: uuid nullable: true scepConfigId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - applicationId - profileId - profileSlug - createdAt - updatedAt additionalProperties: false required: - profiles additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: attachPkiApplicationProfiles tags: - PKI Applications description: Attach one or more profiles to an application. requestBody: required: true content: application/json: schema: type: object properties: profileIds: type: array items: type: string format: uuid minItems: 1 required: - profileIds additionalProperties: false parameters: - schema: type: string format: uuid in: path name: applicationId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: profiles: type: array items: type: object properties: applicationId: type: string format: uuid profileId: type: string format: uuid profileSlug: type: string profileDescription: type: string nullable: true estConfigId: type: string format: uuid nullable: true apiConfigId: type: string format: uuid nullable: true acmeConfigId: type: string format: uuid nullable: true scepConfigId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - applicationId - profileId - profileSlug - createdAt - updatedAt additionalProperties: false required: - profiles additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/profiles/{profileId}: delete: operationId: detachPkiApplicationProfile tags: - PKI Applications description: Detach a profile from an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: profileId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: applicationId: type: string format: uuid profileId: type: string format: uuid required: - applicationId - profileId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/users: get: operationId: listPkiApplicationUserMembers tags: - PKI Applications description: List user members of an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: membershipId: type: string format: uuid applicationId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - applicationId - role - createdAt - updatedAt additionalProperties: false required: - memberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: addPkiApplicationUserMembers tags: - PKI Applications description: Add user members to an application by userId, email, or username. Only users who are already members of the project can be added. requestBody: required: true content: application/json: schema: type: object properties: userIds: type: array items: type: string format: uuid default: [] emails: type: array items: type: string format: email default: [] role: type: string minLength: 1 default: operator additionalProperties: false parameters: - schema: type: string format: uuid in: path name: applicationId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: membershipId: type: string format: uuid applicationId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - applicationId - role - createdAt - updatedAt additionalProperties: false skipped: type: array items: type: string unresolved: type: array items: type: string required: - memberships - skipped - unresolved additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/users/{userId}: patch: operationId: updatePkiApplicationUserMemberRole tags: - PKI Applications description: Update the role of a user member on an application. requestBody: required: true content: application/json: schema: type: object properties: role: type: string minLength: 1 required: - role additionalProperties: false parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: userId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: membership: type: object properties: membershipId: type: string format: uuid applicationId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - applicationId - role - createdAt - updatedAt additionalProperties: false required: - membership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: removePkiApplicationUserMember tags: - PKI Applications description: Remove a user from an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: userId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: membershipId: type: string format: uuid applicationId: type: string format: uuid required: - membershipId - applicationId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/identities: get: operationId: listPkiApplicationIdentityMembers tags: - PKI Applications description: List identity members of an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: membershipId: type: string format: uuid applicationId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - applicationId - role - createdAt - updatedAt additionalProperties: false required: - memberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/identities/{identityId}: post: operationId: addPkiApplicationIdentityMember tags: - PKI Applications description: Add an identity as a member of an application. requestBody: required: true content: application/json: schema: type: object properties: role: type: string minLength: 1 required: - role additionalProperties: false parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: identityId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: membership: type: object properties: membershipId: type: string format: uuid applicationId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - applicationId - role - createdAt - updatedAt additionalProperties: false required: - membership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updatePkiApplicationIdentityMemberRole tags: - PKI Applications description: Update the role of an identity member on an application. requestBody: required: true content: application/json: schema: type: object properties: role: type: string minLength: 1 required: - role additionalProperties: false parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: identityId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: membership: type: object properties: membershipId: type: string format: uuid applicationId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - applicationId - role - createdAt - updatedAt additionalProperties: false required: - membership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: removePkiApplicationIdentityMember tags: - PKI Applications description: Remove an identity from an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: identityId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: membershipId: type: string format: uuid applicationId: type: string format: uuid required: - membershipId - applicationId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/groups: get: operationId: listPkiApplicationGroupMembers tags: - PKI Applications description: List group members of an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: membershipId: type: string format: uuid applicationId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - applicationId - role - createdAt - updatedAt additionalProperties: false required: - memberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/groups/{groupId}: post: operationId: addPkiApplicationGroupMember tags: - PKI Applications description: Add a group as a member of an application. requestBody: required: true content: application/json: schema: type: object properties: role: type: string minLength: 1 required: - role additionalProperties: false parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: groupId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: membership: type: object properties: membershipId: type: string format: uuid applicationId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - applicationId - role - createdAt - updatedAt additionalProperties: false required: - membership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updatePkiApplicationGroupMemberRole tags: - PKI Applications description: Update the role of a group member on an application. requestBody: required: true content: application/json: schema: type: object properties: role: type: string minLength: 1 required: - role additionalProperties: false parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: groupId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: membership: type: object properties: membershipId: type: string format: uuid applicationId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - applicationId - role - createdAt - updatedAt additionalProperties: false required: - membership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: removePkiApplicationGroupMember tags: - PKI Applications description: Remove a group from an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: groupId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: membershipId: type: string format: uuid applicationId: type: string format: uuid required: - membershipId - applicationId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/profiles/{profileId}/enrollment: get: operationId: getPkiApplicationEnrollment tags: - PKI Applications description: Get the enrollment state for a profile on an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: profileId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: applicationId: type: string format: uuid profileId: type: string format: uuid api: type: object properties: id: type: string format: uuid autoRenew: type: boolean renewBeforeDays: type: integer nullable: true required: - id - autoRenew - renewBeforeDays additionalProperties: false nullable: true est: type: object properties: id: type: string format: uuid disableBootstrapCaValidation: type: boolean estEndpointUrl: type: string required: - id - disableBootstrapCaValidation - estEndpointUrl additionalProperties: false nullable: true acme: type: object properties: id: type: string format: uuid skipDnsOwnershipVerification: type: boolean skipEabBinding: type: boolean directoryUrl: type: string required: - id - skipDnsOwnershipVerification - skipEabBinding - directoryUrl additionalProperties: false nullable: true scep: type: object properties: id: type: string format: uuid challengeType: type: string enum: - static - dynamic includeCaCertInResponse: type: boolean allowCertBasedRenewal: type: boolean dynamicChallengeExpiryMinutes: type: integer nullable: true dynamicChallengeMaxPending: type: integer nullable: true scepEndpointUrl: type: string challengeEndpointUrl: type: string nullable: true raCertificatePem: type: string raCertExpiresAt: type: string format: date-time required: - id - challengeType - includeCaCertInResponse - allowCertBasedRenewal - dynamicChallengeExpiryMinutes - dynamicChallengeMaxPending - scepEndpointUrl - challengeEndpointUrl - raCertificatePem - raCertExpiresAt additionalProperties: false nullable: true estConfigured: type: boolean acmeConfigured: type: boolean scepConfigured: type: boolean required: - applicationId - profileId - api - est - acme - scep - estConfigured - acmeConfigured - scepConfigured additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/profiles/{profileId}/enrollment/api: put: operationId: setPkiApplicationApiEnrollment tags: - PKI Applications description: Enable or update the API enrollment method for a profile on an application. requestBody: required: true content: application/json: schema: type: object properties: autoRenew: type: boolean default: false renewBeforeDays: type: integer minimum: 1 maximum: 365 additionalProperties: false parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: profileId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: applicationId: type: string format: uuid profileId: type: string format: uuid api: type: object properties: id: type: string format: uuid autoRenew: type: boolean renewBeforeDays: type: integer nullable: true required: - id - autoRenew - renewBeforeDays additionalProperties: false required: - applicationId - profileId - api additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: clearPkiApplicationApiEnrollment tags: - PKI Applications description: Disable the API enrollment method for a profile on an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: profileId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: applicationId: type: string format: uuid profileId: type: string format: uuid required: - applicationId - profileId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/profiles/{profileId}/enrollment/est: put: operationId: setPkiApplicationEstEnrollment tags: - PKI Applications description: Enable or update the EST enrollment method for a profile on an application. requestBody: required: true content: application/json: schema: type: object properties: passphrase: type: string minLength: 8 disableBootstrapCaValidation: type: boolean default: false caChain: type: string required: - passphrase additionalProperties: false parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: profileId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: applicationId: type: string format: uuid profileId: type: string format: uuid est: type: object properties: id: type: string format: uuid disableBootstrapCaValidation: type: boolean required: - id - disableBootstrapCaValidation additionalProperties: false required: - applicationId - profileId - est additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: clearPkiApplicationEstEnrollment tags: - PKI Applications description: Disable the EST enrollment method for a profile on an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: profileId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: applicationId: type: string format: uuid profileId: type: string format: uuid required: - applicationId - profileId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/profiles/{profileId}/enrollment/acme: put: operationId: setPkiApplicationAcmeEnrollment tags: - PKI Applications description: Enable or update the ACME enrollment method for a profile on an application. requestBody: required: true content: application/json: schema: type: object properties: skipDnsOwnershipVerification: type: boolean default: false skipEabBinding: type: boolean default: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: profileId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: applicationId: type: string format: uuid profileId: type: string format: uuid acme: type: object properties: id: type: string format: uuid skipDnsOwnershipVerification: type: boolean skipEabBinding: type: boolean required: - id - skipDnsOwnershipVerification - skipEabBinding additionalProperties: false required: - applicationId - profileId - acme additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: clearPkiApplicationAcmeEnrollment tags: - PKI Applications description: Disable the ACME enrollment method for a profile on an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: profileId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: applicationId: type: string format: uuid profileId: type: string format: uuid required: - applicationId - profileId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/profiles/{profileId}/enrollment/acme/eab/reveal: post: operationId: revealPkiApplicationAcmeEabSecret tags: - PKI Applications description: Reveal the ACME EAB secret for a profile on an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: profileId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: applicationId: type: string format: uuid profileId: type: string format: uuid eabKid: type: string eabSecret: type: string required: - applicationId - profileId - eabKid - eabSecret additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/profiles/{profileId}/enrollment/acme/eab/rotate: post: operationId: rotatePkiApplicationAcmeEabSecret tags: - PKI Applications description: Rotate the ACME EAB secret for a profile on an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: profileId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: applicationId: type: string format: uuid profileId: type: string format: uuid required: - applicationId - profileId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/profiles/{profileId}/enrollment/scep: put: operationId: setPkiApplicationScepEnrollment tags: - PKI Applications description: Enable or update the SCEP enrollment method for a profile on an application. requestBody: required: true content: application/json: schema: type: object properties: challengeType: type: string enum: - static - dynamic challengePassword: type: string includeCaCertInResponse: type: boolean default: true allowCertBasedRenewal: type: boolean default: true dynamicChallengeExpiryMinutes: type: integer minimum: 5 maximum: 1440 dynamicChallengeMaxPending: type: integer minimum: 1 maximum: 1000 additionalProperties: false parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: profileId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: applicationId: type: string format: uuid profileId: type: string format: uuid scep: type: object properties: id: type: string format: uuid challengeType: type: string enum: - static - dynamic required: - id - challengeType additionalProperties: false required: - applicationId - profileId - scep additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: clearPkiApplicationScepEnrollment tags: - PKI Applications description: Disable the SCEP enrollment method for a profile on an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: profileId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: applicationId: type: string format: uuid profileId: type: string format: uuid required: - applicationId - profileId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/alerts: get: operationId: listPkiApplicationAlerts tags: - PKI Applications description: List alerts for an application. parameters: - schema: type: string in: query name: search required: false - schema: type: string enum: - expiration - renewal - issuance - revocation in: query name: eventType required: false - schema: type: boolean in: query name: enabled required: false - schema: type: integer minimum: 1 maximum: 100 default: 20 in: query name: limit required: false - schema: type: integer minimum: 0 default: 0 in: query name: offset required: false - schema: type: string format: uuid in: path name: applicationId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: alerts: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true eventType: type: string enum: - expiration - renewal - issuance - revocation alertBefore: type: string filters: type: array items: type: object properties: field: type: string enum: - profile_name - common_name - san - include_cas operator: type: string enum: - equals - matches - contains - starts_with - ends_with value: anyOf: - type: string - type: array items: type: string - type: boolean required: - field - operator - value additionalProperties: false enabled: type: boolean applicationId: type: string format: uuid nullable: true notificationConfig: type: object properties: enableDailyNotification: type: boolean default: false additionalProperties: false nullable: true channels: type: array items: type: object properties: id: type: string format: uuid channelType: type: string enum: - email - webhook - slack - pagerduty config: type: object additionalProperties: {} enabled: type: boolean createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - channelType - config - enabled - createdAt - updatedAt additionalProperties: false lastRun: type: object properties: timestamp: type: string format: date-time status: type: string enum: - success - failed error: type: string nullable: true required: - timestamp - status - error additionalProperties: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - description - eventType - filters - enabled - notificationConfig - channels - lastRun - createdAt - updatedAt additionalProperties: false total: type: integer minimum: 0 required: - alerts - total additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createPkiApplicationAlert tags: - PKI Applications description: Create an alert on an application. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 255 description: type: string maxLength: 1000 eventType: type: string enum: - expiration - renewal - issuance - revocation alertBefore: type: string filters: type: array items: type: object properties: field: type: string enum: - profile_name - common_name - san - include_cas operator: type: string enum: - equals - matches - contains - starts_with - ends_with value: anyOf: - type: string - type: array items: type: string - type: boolean required: - field - operator - value additionalProperties: false enabled: type: boolean default: true notificationConfig: type: object properties: enableDailyNotification: type: boolean default: false additionalProperties: false nullable: true channels: type: array items: type: object properties: id: type: string format: uuid channelType: type: string enum: - email - webhook - slack - pagerduty config: anyOf: - type: object properties: recipients: type: array items: type: string format: email minItems: 1 maxItems: 10 required: - recipients additionalProperties: false - type: object properties: url: type: string format: uri signingSecret: type: string maxLength: 256 nullable: true required: - url additionalProperties: false - type: object properties: webhookUrl: type: string format: uri required: - webhookUrl additionalProperties: false - type: object properties: integrationKey: type: string required: - integrationKey additionalProperties: false enabled: type: boolean default: true required: - channelType - config additionalProperties: false minItems: 1 maxItems: 10 required: - name - eventType - filters - channels additionalProperties: false parameters: - schema: type: string format: uuid in: path name: applicationId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: alert: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true eventType: type: string enum: - expiration - renewal - issuance - revocation alertBefore: type: string filters: type: array items: type: object properties: field: type: string enum: - profile_name - common_name - san - include_cas operator: type: string enum: - equals - matches - contains - starts_with - ends_with value: anyOf: - type: string - type: array items: type: string - type: boolean required: - field - operator - value additionalProperties: false enabled: type: boolean applicationId: type: string format: uuid nullable: true notificationConfig: type: object properties: enableDailyNotification: type: boolean default: false additionalProperties: false nullable: true channels: type: array items: type: object properties: id: type: string format: uuid channelType: type: string enum: - email - webhook - slack - pagerduty config: type: object additionalProperties: {} enabled: type: boolean createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - channelType - config - enabled - createdAt - updatedAt additionalProperties: false lastRun: type: object properties: timestamp: type: string format: date-time status: type: string enum: - success - failed error: type: string nullable: true required: - timestamp - status - error additionalProperties: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - description - eventType - filters - enabled - notificationConfig - channels - lastRun - createdAt - updatedAt additionalProperties: false required: - alert additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/applications/{applicationId}/alerts/{alertId}: patch: operationId: updatePkiApplicationAlert tags: - PKI Applications description: Update an alert on an application. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 255 description: type: string maxLength: 1000 eventType: type: string enum: - expiration - renewal - issuance - revocation alertBefore: type: string filters: type: array items: type: object properties: field: type: string enum: - profile_name - common_name - san - include_cas operator: type: string enum: - equals - matches - contains - starts_with - ends_with value: anyOf: - type: string - type: array items: type: string - type: boolean required: - field - operator - value additionalProperties: false enabled: type: boolean default: true notificationConfig: type: object properties: enableDailyNotification: type: boolean default: false additionalProperties: false nullable: true channels: type: array items: type: object properties: id: type: string format: uuid channelType: type: string enum: - email - webhook - slack - pagerduty config: anyOf: - type: object properties: recipients: type: array items: type: string format: email minItems: 1 maxItems: 10 required: - recipients additionalProperties: false - type: object properties: url: type: string format: uri signingSecret: type: string maxLength: 256 nullable: true required: - url additionalProperties: false - type: object properties: webhookUrl: type: string format: uri required: - webhookUrl additionalProperties: false - type: object properties: integrationKey: type: string required: - integrationKey additionalProperties: false enabled: type: boolean default: true required: - channelType - config additionalProperties: false minItems: 1 maxItems: 10 additionalProperties: false parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: alertId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: alert: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true eventType: type: string enum: - expiration - renewal - issuance - revocation alertBefore: type: string filters: type: array items: type: object properties: field: type: string enum: - profile_name - common_name - san - include_cas operator: type: string enum: - equals - matches - contains - starts_with - ends_with value: anyOf: - type: string - type: array items: type: string - type: boolean required: - field - operator - value additionalProperties: false enabled: type: boolean applicationId: type: string format: uuid nullable: true notificationConfig: type: object properties: enableDailyNotification: type: boolean default: false additionalProperties: false nullable: true channels: type: array items: type: object properties: id: type: string format: uuid channelType: type: string enum: - email - webhook - slack - pagerduty config: type: object additionalProperties: {} enabled: type: boolean createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - channelType - config - enabled - createdAt - updatedAt additionalProperties: false lastRun: type: object properties: timestamp: type: string format: date-time status: type: string enum: - success - failed error: type: string nullable: true required: - timestamp - status - error additionalProperties: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - description - eventType - filters - enabled - notificationConfig - channels - lastRun - createdAt - updatedAt additionalProperties: false required: - alert additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deletePkiApplicationAlert tags: - PKI Applications description: Delete an alert from an application. parameters: - schema: type: string format: uuid in: path name: applicationId required: true - schema: type: string format: uuid in: path name: alertId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: alert: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true eventType: type: string enum: - expiration - renewal - issuance - revocation alertBefore: type: string filters: type: array items: type: object properties: field: type: string enum: - profile_name - common_name - san - include_cas operator: type: string enum: - equals - matches - contains - starts_with - ends_with value: anyOf: - type: string - type: array items: type: string - type: boolean required: - field - operator - value additionalProperties: false enabled: type: boolean applicationId: type: string format: uuid nullable: true notificationConfig: type: object properties: enableDailyNotification: type: boolean default: false additionalProperties: false nullable: true channels: type: array items: type: object properties: id: type: string format: uuid channelType: type: string enum: - email - webhook - slack - pagerduty config: type: object additionalProperties: {} enabled: type: boolean createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - channelType - config - enabled - createdAt - updatedAt additionalProperties: false lastRun: type: object properties: timestamp: type: string format: date-time status: type: string enum: - success - failed error: type: string nullable: true required: - timestamp - status - error additionalProperties: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - description - eventType - filters - enabled - notificationConfig - channels - lastRun - createdAt - updatedAt additionalProperties: false required: - alert additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers: post: operationId: createSigner tags: - PKI Signers description: Create a code signing signer requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: type: string maxLength: 256 caId: type: string format: uuid commonName: type: string minLength: 1 maxLength: 256 certificateTtlDays: type: integer minimum: 1 maximum: 3650 certificateRenewBeforeDays: type: integer minimum: 1 maximum: 30 nullable: true keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 certificateId: type: string format: uuid approvalPolicyId: type: string format: uuid members: type: array items: type: object properties: kind: type: string enum: - user - identity - group id: type: string format: uuid role: type: string minLength: 1 required: - kind - id - role additionalProperties: false approvalPolicy: type: object properties: steps: type: array items: type: object properties: stepNumber: type: integer minimum: 1 name: type: string maxLength: 64 nullable: true requiredApprovals: type: integer minimum: 1 approverUserIds: type: array items: type: string format: uuid default: [] approverGroupIds: type: array items: type: string format: uuid default: [] required: - stepNumber - requiredApprovals additionalProperties: false constraints: type: object properties: maxSignings: type: integer minimum: 1 nullable: true maxWindowDuration: type: string nullable: true additionalProperties: false required: - steps additionalProperties: false required: - name additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true status: type: string default: active certificateId: type: string format: uuid nullable: true approvalPolicyId: type: string format: uuid nullable: true lastSignedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time caId: type: string format: uuid nullable: true commonName: type: string nullable: true certificateTtlDays: type: number nullable: true certificateRenewBeforeDays: type: number nullable: true certificateFailureReason: type: string nullable: true keyAlgorithm: type: string default: RSA_2048 required: - id - name - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listSigners tags: - PKI Signers description: List code signing signers for a project parameters: - schema: type: integer minimum: 0 default: 0 in: query name: offset required: false - schema: type: integer minimum: 1 maximum: 100 default: 20 in: query name: limit required: false - schema: type: string in: query name: search required: false responses: '200': description: Default Response content: application/json: schema: type: object properties: signers: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true status: type: string default: active certificateId: type: string format: uuid nullable: true approvalPolicyId: type: string format: uuid nullable: true lastSignedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time caId: type: string format: uuid nullable: true commonName: type: string nullable: true certificateTtlDays: type: number nullable: true certificateRenewBeforeDays: type: number nullable: true certificateFailureReason: type: string nullable: true keyAlgorithm: type: string default: RSA_2048 certificateCommonName: type: string nullable: true certificateSerialNumber: type: string nullable: true certificateNotAfter: type: string format: date-time nullable: true approvalPolicyName: type: string nullable: true required: - id - name - createdAt - updatedAt additionalProperties: false totalCount: type: number required: - signers - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers/{signerId}: get: operationId: getSignerById tags: - PKI Signers description: Get a code signing signer by ID parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true status: type: string default: active certificateId: type: string format: uuid nullable: true approvalPolicyId: type: string format: uuid nullable: true lastSignedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time caId: type: string format: uuid nullable: true commonName: type: string nullable: true certificateTtlDays: type: number nullable: true certificateRenewBeforeDays: type: number nullable: true certificateFailureReason: type: string nullable: true keyAlgorithm: type: string default: RSA_2048 certificateCommonName: type: string nullable: true certificateSerialNumber: type: string nullable: true certificateNotAfter: type: string format: date-time nullable: true certificateNotBefore: type: string format: date-time nullable: true certificateKeyAlgorithm: type: string nullable: true certificateStatus: type: string nullable: true certificateCaId: type: string nullable: true approvalPolicyName: type: string nullable: true required: - id - name - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateSigner tags: - PKI Signers description: Update a code signing signer requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: type: string maxLength: 256 nullable: true certificateRenewBeforeDays: type: integer minimum: 1 maximum: 30 nullable: true additionalProperties: false parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true status: type: string default: active certificateId: type: string format: uuid nullable: true approvalPolicyId: type: string format: uuid nullable: true lastSignedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time caId: type: string format: uuid nullable: true commonName: type: string nullable: true certificateTtlDays: type: number nullable: true certificateRenewBeforeDays: type: number nullable: true certificateFailureReason: type: string nullable: true keyAlgorithm: type: string default: RSA_2048 required: - id - name - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteSigner tags: - PKI Signers description: Delete a code signing signer parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true status: type: string default: active certificateId: type: string format: uuid nullable: true approvalPolicyId: type: string format: uuid nullable: true lastSignedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time caId: type: string format: uuid nullable: true commonName: type: string nullable: true certificateTtlDays: type: number nullable: true certificateRenewBeforeDays: type: number nullable: true certificateFailureReason: type: string nullable: true keyAlgorithm: type: string default: RSA_2048 required: - id - name - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers/{signerId}/permissions: get: operationId: getSignerPermissions tags: - PKI Signers description: Get the actor's effective resource permissions on this signer. parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: data: type: object properties: permissions: type: array memberships: type: array items: type: object properties: id: type: string actorUserId: type: string nullable: true actorIdentityId: type: string nullable: true actorGroupId: type: string nullable: true roles: type: array items: type: object properties: role: type: string customRoleSlug: type: string nullable: true required: - role additionalProperties: false required: - id - roles additionalProperties: false required: - permissions - memberships additionalProperties: false required: - data additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers/{signerId}/status: patch: operationId: updateSignerStatus tags: - PKI Signers description: Enable or disable a signer in a single endpoint requestBody: required: true content: application/json: schema: type: object properties: status: type: string enum: - active - disabled required: - status additionalProperties: false parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true status: type: string default: active certificateId: type: string format: uuid nullable: true approvalPolicyId: type: string format: uuid nullable: true lastSignedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time caId: type: string format: uuid nullable: true commonName: type: string nullable: true certificateTtlDays: type: number nullable: true certificateRenewBeforeDays: type: number nullable: true certificateFailureReason: type: string nullable: true keyAlgorithm: type: string default: RSA_2048 required: - id - name - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers/{signerId}/sign: post: operationId: signData tags: - PKI Signers description: Sign a pre-hashed digest with a code signing signer requestBody: required: true content: application/json: schema: type: object properties: data: type: string minLength: 1 maxLength: 172 signingAlgorithm: type: string enum: - RSASSA_PSS_SHA_512 - RSASSA_PSS_SHA_384 - RSASSA_PSS_SHA_256 - RSASSA_PKCS1_V1_5_SHA_512 - RSASSA_PKCS1_V1_5_SHA_384 - RSASSA_PKCS1_V1_5_SHA_256 - ECDSA_SHA_512 - ECDSA_SHA_384 - ECDSA_SHA_256 - ML_DSA_44 - ML_DSA_65 - ML_DSA_87 isDigest: type: boolean default: false clientMetadata: type: object properties: tool: type: string maxLength: 128 hostname: type: string maxLength: 256 reportedIp: type: string maxLength: 64 additionalProperties: false required: - data - signingAlgorithm additionalProperties: false parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: signature: type: string signingAlgorithm: type: string signerId: type: string required: - signature - signingAlgorithm - signerId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers/{signerId}/public-key: get: operationId: getSignerPublicKey tags: - PKI Signers description: Get the public key for a code signing signer parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: publicKey: type: string algorithm: type: string required: - publicKey - algorithm additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers/{signerId}/certificate/reissue: post: operationId: reissueSignerCertificate tags: - PKI Signers description: Re-issue the signer's certificate (optionally from a different CA) requestBody: required: true content: application/json: schema: type: object properties: caId: type: string format: uuid commonName: type: string minLength: 1 maxLength: 256 certificateTtlDays: type: integer minimum: 1 maximum: 3650 required: - caId additionalProperties: false parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true status: type: string default: active certificateId: type: string format: uuid nullable: true approvalPolicyId: type: string format: uuid nullable: true lastSignedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time caId: type: string format: uuid nullable: true commonName: type: string nullable: true certificateTtlDays: type: number nullable: true certificateRenewBeforeDays: type: number nullable: true certificateFailureReason: type: string nullable: true keyAlgorithm: type: string default: RSA_2048 required: - id - name - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers/{signerId}/certificate: get: operationId: exportSignerCertificate tags: - PKI Signers description: Export the signer's leaf certificate as PEM parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificatePem: type: string serialNumber: type: string signerName: type: string required: - certificatePem - serialNumber - signerName additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers/{signerId}/approval-policy: get: operationId: getSignerApprovalPolicy tags: - PKI Signers description: Read the signer's approval policy (steps, approvers, limits) parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid signerId: type: string format: uuid hasSteps: type: boolean steps: type: array constraints: type: object properties: maxSignings: type: number nullable: true maxWindowDuration: type: string nullable: true required: - maxSignings - maxWindowDuration additionalProperties: false required: - id - signerId - hasSteps - steps - constraints additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false put: operationId: updateSignerApprovalPolicy tags: - PKI Signers description: Replace the signer's approval policy (steps, approvers, limits) requestBody: required: true content: application/json: schema: type: object properties: steps: type: array items: type: object properties: stepNumber: type: integer minimum: 1 name: type: string maxLength: 64 nullable: true requiredApprovals: type: integer minimum: 1 approverUserIds: type: array items: type: string format: uuid default: [] approverGroupIds: type: array items: type: string format: uuid default: [] required: - stepNumber - requiredApprovals additionalProperties: false constraints: type: object properties: maxSignings: type: integer minimum: 1 nullable: true maxWindowDuration: type: string nullable: true additionalProperties: false required: - steps additionalProperties: false parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response /api/v1/cert-manager/signers/{signerId}/requests: get: operationId: listSignerRequests tags: - PKI Signers description: List signing approval requests for a signer parameters: - schema: type: string in: query name: statuses required: false - schema: type: integer minimum: 0 default: 0 in: query name: offset required: false - schema: type: integer minimum: 1 maximum: 100 default: 25 in: query name: limit required: false - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response post: operationId: requestToSign tags: - PKI Signers description: Open a request to sign with this signer (operator self-serve) requestBody: required: true content: application/json: schema: type: object properties: justification: type: string minLength: 1 maxLength: 2048 requestedSignings: type: integer minimum: 1 requestedWindowStart: type: string format: date-time requestedWindowEnd: type: string format: date-time required: - justification additionalProperties: false parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response /api/v1/cert-manager/signers/{signerId}/requests/pre-approve: post: operationId: preApproveSigning tags: - PKI Signers description: Pre-approve signing for a member (admin only) requestBody: required: true content: application/json: schema: type: object properties: granteeUserId: type: string format: uuid granteeIdentityId: type: string format: uuid justification: type: string minLength: 1 maxLength: 2048 requestedSignings: type: integer minimum: 1 requestedWindowStart: type: string format: date-time requestedWindowEnd: type: string format: date-time required: - justification additionalProperties: false parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response /api/v1/cert-manager/signers/{signerId}/requests/{requestId}/revoke: post: operationId: revokeSignerRequest tags: - PKI Signers description: Revoke a pending or active signing request parameters: - schema: type: string format: uuid in: path name: signerId required: true - schema: type: string format: uuid in: path name: requestId required: true responses: '200': description: Default Response /api/v1/cert-manager/signers/{signerId}/operations: get: operationId: listSigningOperations tags: - PKI Signers description: List signing operations for a signer parameters: - schema: type: integer minimum: 0 default: 0 in: query name: offset required: false - schema: type: integer minimum: 1 maximum: 100 default: 20 in: query name: limit required: false - schema: type: string enum: - success - failed - denied in: query name: status required: false - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: operations: type: array items: type: object properties: id: type: string format: uuid signerId: type: string format: uuid status: type: string signingAlgorithm: type: string dataHash: type: string actorType: type: string actorId: type: string format: uuid actorName: type: string nullable: true approvalGrantId: type: string format: uuid nullable: true clientMetadata: nullable: true errorMessage: type: string nullable: true createdAt: type: string format: date-time actorMembershipId: type: string format: uuid nullable: true required: - id - signerId - status - signingAlgorithm - dataHash - actorType - actorId - actorName - createdAt - actorMembershipId additionalProperties: false totalCount: type: number required: - operations - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers/{signerId}/users: get: operationId: listSignerUserMembers tags: - PKI Signers description: List user members of a signer parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: membershipId: type: string format: uuid signerId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - signerId - role - createdAt - updatedAt additionalProperties: false required: - memberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: addSignerUserMembers tags: - PKI Signers description: Add user members to a signer requestBody: required: true content: application/json: schema: type: object properties: userIds: type: array items: type: string format: uuid default: [] emails: type: array items: type: string format: email default: [] role: type: string enum: - admin - operator - auditor default: operator additionalProperties: false parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: membershipId: type: string format: uuid signerId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - signerId - role - createdAt - updatedAt additionalProperties: false skipped: type: array items: type: string unresolved: type: array items: type: string required: - memberships - skipped - unresolved additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers/{signerId}/users/{userId}: patch: operationId: updateSignerUserRole tags: - PKI Signers description: Update a user member's role on a signer requestBody: required: true content: application/json: schema: type: object properties: role: type: string enum: - admin - operator - auditor required: - role additionalProperties: false parameters: - schema: type: string format: uuid in: path name: signerId required: true - schema: type: string format: uuid in: path name: userId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: membership: type: object properties: membershipId: type: string format: uuid signerId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - signerId - role - createdAt - updatedAt additionalProperties: false required: - membership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: removeSignerUserMember tags: - PKI Signers description: Remove a user from a signer parameters: - schema: type: string format: uuid in: path name: signerId required: true - schema: type: string format: uuid in: path name: userId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: membershipId: type: string format: uuid signerId: type: string format: uuid required: - membershipId - signerId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers/{signerId}/effective-users: get: operationId: listSignerEffectiveUserMembers tags: - PKI Signers description: List users that can act on this signer either through a direct membership or through a group that's a signer member. parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: members: type: array items: type: object properties: actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true role: type: string viaGroupIds: type: array items: type: string format: uuid isDirect: type: boolean details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true required: - name additionalProperties: false nullable: true required: - actorUserId - actorIdentityId - role - viaGroupIds - isDirect - details additionalProperties: false required: - members additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers/{signerId}/identities: get: operationId: listSignerIdentityMembers tags: - PKI Signers description: List machine identity members of a signer parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: membershipId: type: string format: uuid signerId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - signerId - role - createdAt - updatedAt additionalProperties: false required: - memberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: addSignerIdentityMember tags: - PKI Signers description: Add a machine identity to a signer requestBody: required: true content: application/json: schema: type: object properties: identityId: type: string format: uuid role: type: string enum: - admin - operator - auditor default: operator required: - identityId additionalProperties: false parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: membershipId: type: string format: uuid signerId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - signerId - role - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers/{signerId}/identities/{identityId}: patch: operationId: updateSignerIdentityRole tags: - PKI Signers description: Update a machine identity's role on a signer requestBody: required: true content: application/json: schema: type: object properties: role: type: string enum: - admin - operator - auditor required: - role additionalProperties: false parameters: - schema: type: string format: uuid in: path name: signerId required: true - schema: type: string format: uuid in: path name: identityId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: membership: type: object properties: membershipId: type: string format: uuid signerId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - signerId - role - createdAt - updatedAt additionalProperties: false required: - membership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: removeSignerIdentityMember tags: - PKI Signers description: Remove a machine identity from a signer parameters: - schema: type: string format: uuid in: path name: signerId required: true - schema: type: string format: uuid in: path name: identityId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: membershipId: type: string format: uuid signerId: type: string format: uuid required: - membershipId - signerId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers/{signerId}/effective-identities: get: operationId: listSignerEffectiveIdentityMembers tags: - PKI Signers description: List machine identities that can act on this signer either directly or via a group that's a signer member. parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: members: type: array items: type: object properties: actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true role: type: string viaGroupIds: type: array items: type: string format: uuid isDirect: type: boolean details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true required: - name additionalProperties: false nullable: true required: - actorUserId - actorIdentityId - role - viaGroupIds - isDirect - details additionalProperties: false required: - members additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers/{signerId}/groups: get: operationId: listSignerGroupMembers tags: - PKI Signers description: List group members of a signer parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: membershipId: type: string format: uuid signerId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - signerId - role - createdAt - updatedAt additionalProperties: false required: - memberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: addSignerGroupMember tags: - PKI Signers description: Add a group to a signer requestBody: required: true content: application/json: schema: type: object properties: groupId: type: string format: uuid role: type: string enum: - admin - operator - auditor default: operator required: - groupId additionalProperties: false parameters: - schema: type: string format: uuid in: path name: signerId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: membershipId: type: string format: uuid signerId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - signerId - role - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/signers/{signerId}/groups/{groupId}: patch: operationId: updateSignerGroupRole tags: - PKI Signers description: Update a group's role on a signer requestBody: required: true content: application/json: schema: type: object properties: role: type: string enum: - admin - operator - auditor required: - role additionalProperties: false parameters: - schema: type: string format: uuid in: path name: signerId required: true - schema: type: string format: uuid in: path name: groupId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: membership: type: object properties: membershipId: type: string format: uuid signerId: type: string format: uuid actorUserId: type: string format: uuid nullable: true actorIdentityId: type: string format: uuid nullable: true actorGroupId: type: string format: uuid nullable: true role: type: string customRoleId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time details: type: object properties: name: type: string nullable: true email: type: string nullable: true username: type: string nullable: true authMethod: type: string nullable: true slug: type: string nullable: true required: - name additionalProperties: false nullable: true required: - membershipId - signerId - role - createdAt - updatedAt additionalProperties: false required: - membership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: removeSignerGroupMember tags: - PKI Signers description: Remove a group from a signer parameters: - schema: type: string format: uuid in: path name: signerId required: true - schema: type: string format: uuid in: path name: groupId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: membershipId: type: string format: uuid signerId: type: string format: uuid required: - membershipId - signerId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/certificate-cleanup: get: operationId: getCertificateCleanupConfig tags: - PKI Certificates description: Get certificate cleanup configuration for a project responses: '200': description: Default Response content: application/json: schema: type: object properties: config: type: object properties: isEnabled: type: boolean default: false postExpiryRetentionDays: type: number default: 3 skipCertsWithActiveSyncs: type: boolean default: true lastRunStatus: type: string nullable: true lastRunAt: type: string format: date-time nullable: true lastRunCertsDeleted: type: number default: 0 lastRunMessage: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - createdAt - updatedAt additionalProperties: false nullable: true required: - config additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false put: operationId: updateCertificateCleanupConfig tags: - PKI Certificates description: Create or update certificate cleanup configuration for a project requestBody: required: true content: application/json: schema: type: object properties: isEnabled: type: boolean description: Enable cleanup postExpiryRetentionDays: type: integer minimum: 1 maximum: 30 description: Days after expiration before deletion skipCertsWithActiveSyncs: type: boolean description: Skip certificates with active syncs additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: config: type: object properties: isEnabled: type: boolean default: false postExpiryRetentionDays: type: number default: 3 skipCertsWithActiveSyncs: type: boolean default: true lastRunStatus: type: string nullable: true lastRunAt: type: string format: date-time nullable: true lastRunCertsDeleted: type: number default: 0 lastRunMessage: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - createdAt - updatedAt additionalProperties: false required: - config additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/access/users: get: operationId: listCertManagerUsers tags: - Project Users description: List Certificate Manager users. responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time userId: type: string format: uuid user: type: object properties: username: type: string email: type: string nullable: true isEmailVerified: type: boolean default: false nullable: true firstName: type: string nullable: true lastName: type: string nullable: true authMethods: type: array items: type: string nullable: true id: type: string format: uuid publicKey: type: string nullable: true required: - username - id additionalProperties: false roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false required: - id - createdAt - userId - user - roles additionalProperties: false required: - memberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: inviteCertManagerUsers tags: - Project Users description: Invite users to Certificate Manager. requestBody: required: true content: application/json: schema: type: object properties: emails: type: array items: type: string format: email default: [] usernames: type: array items: type: string default: [] roleSlugs: type: array items: type: string minItems: 1 additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time userId: type: string format: uuid required: - id - createdAt - updatedAt - userId additionalProperties: false required: - memberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/options: get: operationId: listPkiSyncOptions tags: - PKI Syncs description: List the available PKI Sync Options. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncOptions: type: array items: type: object properties: name: type: string connection: type: string enum: - github - github-radar - aws - databricks - gcp - azure-key-vault - azure-app-configuration - azure-client-secrets - azure-devops - azure-adcs - azure-dns - humanitec - terraform-cloud - vercel - postgres - mssql - mysql - camunda - windmill - auth0 - hashicorp-vault - ldap - teamcity - oci - oracledb - 1password - heroku - render - flyio - gitlab - cloudflare - dns-made-easy - zabbix - railway - bitbucket - checkly - supabase - digital-ocean - netlify - okta - redis - mongodb - laravel-forge - chef - northflank - octopus-deploy - ssh - dbt - smb - open-router - circleci - azure-entra-id - venafi - venafi-tpp - external-infisical - doppler - netscaler - anthropic - ovh - devin - ona - digicert - travis-ci - salesforce - snowflake - datadog - f5-big-ip - godaddy - convex destination: type: string enum: - azure-key-vault - aws-certificate-manager - aws-secrets-manager - aws-elastic-load-balancer - chef - cloudflare-custom-certificate - netscaler - f5-big-ip canImportCertificates: type: boolean canRemoveCertificates: type: boolean defaultCertificateNameSchema: type: string forbiddenCharacters: type: string allowedCharacterPattern: type: string maxCertificateNameLength: type: number minCertificateNameLength: type: number required: - name - connection - destination - canImportCertificates - canRemoveCertificates additionalProperties: false required: - pkiSyncOptions additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs: get: operationId: listPkiSyncs tags: - PKI Syncs description: List all the PKI Syncs for the specified project. parameters: - schema: type: string format: uuid in: query name: certificateId required: false - schema: type: string format: uuid in: query name: applicationId required: false responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true destination: type: string enum: - azure-key-vault - aws-certificate-manager - aws-secrets-manager - aws-elastic-load-balancer - chef - cloudflare-custom-certificate - netscaler - f5-big-ip isAutoSyncEnabled: type: boolean destinationConfig: type: object additionalProperties: {} syncOptions: type: object additionalProperties: {} applicationId: type: string format: uuid nullable: true subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true appConnectionName: type: string appConnectionApp: type: string connection: type: object properties: id: type: string name: type: string app: type: string encryptedCredentials: nullable: true orgId: type: string format: uuid method: type: string description: type: string nullable: true version: type: number gatewayId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean nullable: true required: - id - name - app - orgId - method - version - createdAt - updatedAt additionalProperties: false subscriber: type: object properties: id: type: string name: type: string required: - id - name additionalProperties: false nullable: true hasCertificate: type: boolean required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt - appConnectionName - appConnectionApp - connection additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/{pkiSyncId}: get: operationId: getPkiSync tags: - PKI Syncs description: Get a PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true destination: type: string enum: - azure-key-vault - aws-certificate-manager - aws-secrets-manager - aws-elastic-load-balancer - chef - cloudflare-custom-certificate - netscaler - f5-big-ip isAutoSyncEnabled: type: boolean destinationConfig: type: object additionalProperties: {} syncOptions: type: object additionalProperties: {} applicationId: type: string format: uuid nullable: true subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true appConnectionName: type: string appConnectionApp: type: string connection: type: object properties: id: type: string name: type: string app: type: string encryptedCredentials: nullable: true orgId: type: string format: uuid method: type: string description: type: string nullable: true version: type: number gatewayId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean nullable: true required: - id - name - app - orgId - method - version - createdAt - updatedAt additionalProperties: false subscriber: type: object properties: id: type: string name: type: string required: - id - name additionalProperties: false nullable: true hasCertificate: type: boolean required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt - appConnectionName - appConnectionApp - connection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/{pkiSyncId}/certificates: get: operationId: listPkiSyncCertificates tags: - PKI Syncs description: List all certificates associated with a PKI Sync. parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false - schema: type: number minimum: 1 maximum: 100 default: 20 in: query name: limit required: false - schema: type: string format: uuid in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificates: type: array items: type: object properties: id: type: string format: uuid pkiSyncId: type: string format: uuid certificateId: type: string format: uuid syncStatus: type: string enum: - pending - syncing - succeeded - failed - running lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time certificateSerialNumber: type: string certificateCommonName: type: string certificateAltNames: type: string certificateStatus: type: string certificateNotBefore: type: string format: date-time certificateNotAfter: type: string format: date-time certificateRenewBeforeDays: type: number nullable: true certificateRenewalError: type: string nullable: true pkiSyncName: type: string pkiSyncDestination: type: string syncMetadata: type: object properties: isDefault: type: boolean additionalProperties: {} nullable: true required: - id - pkiSyncId - certificateId - syncStatus - createdAt - updatedAt additionalProperties: false totalCount: type: number required: - certificates - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: addCertificatesToPkiSync tags: - PKI Syncs description: Add certificates to a PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: certificateIds: type: array items: type: string format: uuid minItems: 1 required: - certificateIds additionalProperties: false parameters: - schema: type: string format: uuid in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: addedCertificates: type: array items: type: object properties: id: type: string format: uuid pkiSyncId: type: string format: uuid certificateId: type: string format: uuid syncStatus: type: string default: pending nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - pkiSyncId - certificateId - createdAt - updatedAt additionalProperties: false required: - addedCertificates additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: removeCertificatesFromPkiSync tags: - PKI Syncs description: Remove certificates from a PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: certificateIds: type: array items: type: string format: uuid minItems: 1 required: - certificateIds additionalProperties: false parameters: - schema: type: string format: uuid in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: removedCount: type: number required: - removedCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/azure-key-vault: get: operationId: listAzureKeyVaultPkiSyncs tags: - PKI Syncs description: List the Azure Key Vault PKI Syncs for the specified project. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - azure-key-vault isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri required: - vaultBaseUrl additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false enableVersioning: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAzureKeyVaultPkiSync tags: - PKI Syncs description: Create a Azure Key Vault PKI Sync for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean default: true destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri required: - vaultBaseUrl additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false enableVersioning: type: boolean default: true certificateNameSchema: type: string additionalProperties: false default: {} subscriberId: type: string nullable: true connectionId: type: string applicationId: type: string format: uuid certificateIds: type: array items: type: string format: uuid required: - name - destinationConfig - connectionId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - azure-key-vault isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri required: - vaultBaseUrl additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false enableVersioning: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/azure-key-vault/{pkiSyncId}: get: operationId: getAzureKeyVaultPkiSync tags: - PKI Syncs description: Get the specified Azure Key Vault PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - azure-key-vault isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri required: - vaultBaseUrl additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false enableVersioning: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAzureKeyVaultPkiSync tags: - PKI Syncs description: Update the specified Azure Key Vault PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri required: - vaultBaseUrl additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false enableVersioning: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string nullable: true connectionId: type: string additionalProperties: false parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - azure-key-vault isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri required: - vaultBaseUrl additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false enableVersioning: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAzureKeyVaultPkiSync tags: - PKI Syncs description: Delete the specified Azure Key Vault PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - azure-key-vault isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri required: - vaultBaseUrl additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false enableVersioning: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/azure-key-vault/{pkiSyncId}/sync: post: operationId: syncAzureKeyVaultPkiSync tags: - PKI Syncs description: Trigger a sync for the specified Azure Key Vault PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/azure-key-vault/{pkiSyncId}/remove-certificates: post: operationId: removeAzureKeyVaultPkiSyncCertificates tags: - PKI Syncs description: Remove certificates from the specified Azure Key Vault PKI Sync destination. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/aws-certificate-manager: get: operationId: listAwsCertificateManagerPkiSyncs tags: - PKI Syncs description: List the AWS Certificate Manager PKI Syncs for the specified project. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-certificate-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveArn: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAwsCertificateManagerPkiSync tags: - PKI Syncs description: Create a AWS Certificate Manager PKI Sync for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean default: true destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveArn: type: boolean default: true certificateNameSchema: type: string additionalProperties: false default: {} subscriberId: type: string nullable: true connectionId: type: string applicationId: type: string format: uuid certificateIds: type: array items: type: string format: uuid required: - name - destinationConfig - connectionId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-certificate-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveArn: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/aws-certificate-manager/{pkiSyncId}: get: operationId: getAwsCertificateManagerPkiSync tags: - PKI Syncs description: Get the specified AWS Certificate Manager PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-certificate-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveArn: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAwsCertificateManagerPkiSync tags: - PKI Syncs description: Update the specified AWS Certificate Manager PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveArn: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string nullable: true connectionId: type: string additionalProperties: false parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-certificate-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveArn: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAwsCertificateManagerPkiSync tags: - PKI Syncs description: Delete the specified AWS Certificate Manager PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-certificate-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveArn: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/aws-certificate-manager/{pkiSyncId}/sync: post: operationId: syncAwsCertificateManagerPkiSync tags: - PKI Syncs description: Trigger a sync for the specified AWS Certificate Manager PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/aws-certificate-manager/{pkiSyncId}/remove-certificates: post: operationId: removeAwsCertificateManagerPkiSyncCertificates tags: - PKI Syncs description: Remove certificates from the specified AWS Certificate Manager PKI Sync destination. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/aws-secrets-manager: get: operationId: listAwsSecretsManagerPkiSyncs tags: - PKI Syncs description: List the AWS Secrets Manager PKI Syncs for the specified project. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-secrets-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 keyId: type: string required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveSecretOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAwsSecretsManagerPkiSync tags: - PKI Syncs description: Create a AWS Secrets Manager PKI Sync for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean default: true destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 keyId: type: string required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveSecretOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false default: {} subscriberId: type: string nullable: true connectionId: type: string applicationId: type: string format: uuid certificateIds: type: array items: type: string format: uuid required: - name - destinationConfig - connectionId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-secrets-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 keyId: type: string required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveSecretOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/aws-secrets-manager/{pkiSyncId}: get: operationId: getAwsSecretsManagerPkiSync tags: - PKI Syncs description: Get the specified AWS Secrets Manager PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-secrets-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 keyId: type: string required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveSecretOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAwsSecretsManagerPkiSync tags: - PKI Syncs description: Update the specified AWS Secrets Manager PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 keyId: type: string required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveSecretOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false subscriberId: type: string nullable: true connectionId: type: string additionalProperties: false parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-secrets-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 keyId: type: string required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveSecretOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAwsSecretsManagerPkiSync tags: - PKI Syncs description: Delete the specified AWS Secrets Manager PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-secrets-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 keyId: type: string required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveSecretOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/aws-secrets-manager/{pkiSyncId}/sync: post: operationId: syncAwsSecretsManagerPkiSync tags: - PKI Syncs description: Trigger a sync for the specified AWS Secrets Manager PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/aws-secrets-manager/{pkiSyncId}/remove-certificates: post: operationId: removeAwsSecretsManagerPkiSyncCertificates tags: - PKI Syncs description: Remove certificates from the specified AWS Secrets Manager PKI Sync destination. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/aws-elastic-load-balancer: get: operationId: listAwsElasticLoadBalancerPkiSyncs tags: - PKI Syncs description: List the AWS Elastic Load Balancer PKI Syncs for the specified project. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-elastic-load-balancer isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 loadBalancerArn: type: string minLength: 1 listeners: type: array items: type: object properties: listenerArn: type: string minLength: 1 port: type: integer exclusiveMinimum: true minimum: 0 protocol: type: string minLength: 1 setAsDefault: type: boolean required: - listenerArn - port - protocol additionalProperties: false minItems: 1 required: - region - loadBalancerArn - listeners additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: false preserveArn: type: boolean default: true includeRootCa: type: boolean default: false certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAwsElasticLoadBalancerPkiSync tags: - PKI Syncs description: Create a AWS Elastic Load Balancer PKI Sync for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean default: true destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 loadBalancerArn: type: string minLength: 1 listeners: type: array items: type: object properties: listenerArn: type: string minLength: 1 port: type: integer exclusiveMinimum: true minimum: 0 protocol: type: string minLength: 1 setAsDefault: type: boolean required: - listenerArn - port - protocol additionalProperties: false minItems: 1 required: - region - loadBalancerArn - listeners additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: false preserveArn: type: boolean default: true includeRootCa: type: boolean default: false certificateNameSchema: type: string additionalProperties: false default: {} subscriberId: type: string nullable: true connectionId: type: string applicationId: type: string format: uuid certificateIds: type: array items: type: string format: uuid required: - name - destinationConfig - connectionId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-elastic-load-balancer isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 loadBalancerArn: type: string minLength: 1 listeners: type: array items: type: object properties: listenerArn: type: string minLength: 1 port: type: integer exclusiveMinimum: true minimum: 0 protocol: type: string minLength: 1 setAsDefault: type: boolean required: - listenerArn - port - protocol additionalProperties: false minItems: 1 required: - region - loadBalancerArn - listeners additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: false preserveArn: type: boolean default: true includeRootCa: type: boolean default: false certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/aws-elastic-load-balancer/{pkiSyncId}: get: operationId: getAwsElasticLoadBalancerPkiSync tags: - PKI Syncs description: Get the specified AWS Elastic Load Balancer PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-elastic-load-balancer isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 loadBalancerArn: type: string minLength: 1 listeners: type: array items: type: object properties: listenerArn: type: string minLength: 1 port: type: integer exclusiveMinimum: true minimum: 0 protocol: type: string minLength: 1 setAsDefault: type: boolean required: - listenerArn - port - protocol additionalProperties: false minItems: 1 required: - region - loadBalancerArn - listeners additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: false preserveArn: type: boolean default: true includeRootCa: type: boolean default: false certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAwsElasticLoadBalancerPkiSync tags: - PKI Syncs description: Update the specified AWS Elastic Load Balancer PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 loadBalancerArn: type: string minLength: 1 listeners: type: array items: type: object properties: listenerArn: type: string minLength: 1 port: type: integer exclusiveMinimum: true minimum: 0 protocol: type: string minLength: 1 setAsDefault: type: boolean required: - listenerArn - port - protocol additionalProperties: false minItems: 1 required: - region - loadBalancerArn - listeners additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: false preserveArn: type: boolean default: true includeRootCa: type: boolean default: false certificateNameSchema: type: string additionalProperties: false subscriberId: type: string nullable: true connectionId: type: string additionalProperties: false parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-elastic-load-balancer isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 loadBalancerArn: type: string minLength: 1 listeners: type: array items: type: object properties: listenerArn: type: string minLength: 1 port: type: integer exclusiveMinimum: true minimum: 0 protocol: type: string minLength: 1 setAsDefault: type: boolean required: - listenerArn - port - protocol additionalProperties: false minItems: 1 required: - region - loadBalancerArn - listeners additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: false preserveArn: type: boolean default: true includeRootCa: type: boolean default: false certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAwsElasticLoadBalancerPkiSync tags: - PKI Syncs description: Delete the specified AWS Elastic Load Balancer PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-elastic-load-balancer isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 loadBalancerArn: type: string minLength: 1 listeners: type: array items: type: object properties: listenerArn: type: string minLength: 1 port: type: integer exclusiveMinimum: true minimum: 0 protocol: type: string minLength: 1 setAsDefault: type: boolean required: - listenerArn - port - protocol additionalProperties: false minItems: 1 required: - region - loadBalancerArn - listeners additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: false preserveArn: type: boolean default: true includeRootCa: type: boolean default: false certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/aws-elastic-load-balancer/{pkiSyncId}/sync: post: operationId: syncAwsElasticLoadBalancerPkiSync tags: - PKI Syncs description: Trigger a sync for the specified AWS Elastic Load Balancer PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/aws-elastic-load-balancer/{pkiSyncId}/remove-certificates: post: operationId: removeAwsElasticLoadBalancerPkiSyncCertificates tags: - PKI Syncs description: Remove certificates from the specified AWS Elastic Load Balancer PKI Sync destination. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/aws-elastic-load-balancer/load-balancers: get: operationId: listAwsElasticLoadBalancers description: List AWS Elastic Load Balancers available for the specified connection and region. parameters: - schema: type: string format: uuid in: query name: connectionId required: true - schema: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 in: query name: region required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: loadBalancers: type: array items: type: object properties: loadBalancerArn: type: string loadBalancerName: type: string type: type: string enum: - application - network - gateway scheme: type: string state: type: string vpcId: type: string dnsName: type: string required: - loadBalancerArn - loadBalancerName - type - scheme - state additionalProperties: false required: - loadBalancers additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/aws-elastic-load-balancer/listeners: get: operationId: listAwsElasticLoadBalancerListeners description: List HTTPS/TLS listeners for the specified AWS Elastic Load Balancer. parameters: - schema: type: string format: uuid in: query name: connectionId required: true - schema: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 in: query name: region required: true - schema: type: string minLength: 1 in: query name: loadBalancerArn required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: listeners: type: array items: type: object properties: listenerArn: type: string port: type: number protocol: type: string loadBalancerArn: type: string sslPolicy: type: string certificates: type: array items: type: object properties: certificateArn: type: string isDefault: type: boolean required: - certificateArn - isDefault additionalProperties: false required: - listenerArn - port - protocol - loadBalancerArn additionalProperties: false required: - listeners additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/aws-elastic-load-balancer/{pkiSyncId}/certificates/default: post: operationId: setAwsElbCertificateAsDefault description: Set a certificate as the default for all listeners in this AWS ELB PKI Sync. This will trigger a sync immediately. requestBody: required: true content: application/json: schema: type: object properties: certificateId: type: string format: uuid required: - certificateId additionalProperties: false parameters: - schema: type: string format: uuid in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: clearAwsElbDefaultCertificate description: Clear the default certificate for this AWS ELB PKI Sync. No certificate will be set as the default on listeners. This will trigger a sync immediately. parameters: - schema: type: string format: uuid in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/chef: get: operationId: listChefPkiSyncs tags: - PKI Syncs description: List the Chef PKI Syncs for the specified project. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - chef isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 255 required: - dataBagName additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createChefPkiSync tags: - PKI Syncs description: Create a Chef PKI Sync for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean default: true destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 255 required: - dataBagName additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false default: {} subscriberId: type: string nullable: true connectionId: type: string applicationId: type: string format: uuid certificateIds: type: array items: type: string format: uuid required: - name - destinationConfig - connectionId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - chef isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 255 required: - dataBagName additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/chef/{pkiSyncId}: get: operationId: getChefPkiSync tags: - PKI Syncs description: Get the specified Chef PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - chef isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 255 required: - dataBagName additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateChefPkiSync tags: - PKI Syncs description: Update the specified Chef PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 255 required: - dataBagName additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false subscriberId: type: string nullable: true connectionId: type: string additionalProperties: false parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - chef isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 255 required: - dataBagName additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteChefPkiSync tags: - PKI Syncs description: Delete the specified Chef PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - chef isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 255 required: - dataBagName additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/chef/{pkiSyncId}/sync: post: operationId: syncChefPkiSync tags: - PKI Syncs description: Trigger a sync for the specified Chef PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/chef/{pkiSyncId}/remove-certificates: post: operationId: removeChefPkiSyncCertificates tags: - PKI Syncs description: Remove certificates from the specified Chef PKI Sync destination. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/cloudflare-custom-certificate: get: operationId: listCloudflareCustomCertificatePkiSyncs tags: - PKI Syncs description: List the Cloudflare Custom SSL Certificate PKI Syncs for the specified project. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - cloudflare-custom-certificate isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: zoneId: type: string minLength: 1 required: - zoneId additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createCloudflareCustomCertificatePkiSync tags: - PKI Syncs description: Create a Cloudflare Custom SSL Certificate PKI Sync for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean default: true destinationConfig: type: object properties: zoneId: type: string minLength: 1 required: - zoneId additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true certificateNameSchema: type: string additionalProperties: false default: {} subscriberId: type: string nullable: true connectionId: type: string applicationId: type: string format: uuid certificateIds: type: array items: type: string format: uuid required: - name - destinationConfig - connectionId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - cloudflare-custom-certificate isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: zoneId: type: string minLength: 1 required: - zoneId additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/cloudflare-custom-certificate/{pkiSyncId}: get: operationId: getCloudflareCustomCertificatePkiSync tags: - PKI Syncs description: Get the specified Cloudflare Custom SSL Certificate PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - cloudflare-custom-certificate isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: zoneId: type: string minLength: 1 required: - zoneId additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateCloudflareCustomCertificatePkiSync tags: - PKI Syncs description: Update the specified Cloudflare Custom SSL Certificate PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: zoneId: type: string minLength: 1 required: - zoneId additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string nullable: true connectionId: type: string additionalProperties: false parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - cloudflare-custom-certificate isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: zoneId: type: string minLength: 1 required: - zoneId additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteCloudflareCustomCertificatePkiSync tags: - PKI Syncs description: Delete the specified Cloudflare Custom SSL Certificate PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - cloudflare-custom-certificate isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: zoneId: type: string minLength: 1 required: - zoneId additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/cloudflare-custom-certificate/{pkiSyncId}/sync: post: operationId: syncCloudflareCustomCertificatePkiSync tags: - PKI Syncs description: Trigger a sync for the specified Cloudflare Custom SSL Certificate PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/cloudflare-custom-certificate/{pkiSyncId}/remove-certificates: post: operationId: removeCloudflareCustomCertificatePkiSyncCertificates tags: - PKI Syncs description: Remove certificates from the specified Cloudflare Custom SSL Certificate PKI Sync destination. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/netscaler: get: operationId: listNetscalerPkiSyncs tags: - PKI Syncs description: List the NetScaler PKI Syncs for the specified project. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - netscaler isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vserverName: type: string maxLength: 127 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createNetscalerPkiSync tags: - PKI Syncs description: Create a NetScaler PKI Sync for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean default: true destinationConfig: type: object properties: vserverName: type: string maxLength: 127 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false default: {} subscriberId: type: string nullable: true connectionId: type: string applicationId: type: string format: uuid certificateIds: type: array items: type: string format: uuid required: - name - destinationConfig - connectionId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - netscaler isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vserverName: type: string maxLength: 127 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/netscaler/{pkiSyncId}: get: operationId: getNetscalerPkiSync tags: - PKI Syncs description: Get the specified NetScaler PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - netscaler isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vserverName: type: string maxLength: 127 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateNetscalerPkiSync tags: - PKI Syncs description: Update the specified NetScaler PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vserverName: type: string maxLength: 127 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string nullable: true connectionId: type: string additionalProperties: false parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - netscaler isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vserverName: type: string maxLength: 127 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteNetscalerPkiSync tags: - PKI Syncs description: Delete the specified NetScaler PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - netscaler isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vserverName: type: string maxLength: 127 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/netscaler/{pkiSyncId}/sync: post: operationId: syncNetscalerPkiSync tags: - PKI Syncs description: Trigger a sync for the specified NetScaler PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/netscaler/{pkiSyncId}/remove-certificates: post: operationId: removeNetscalerPkiSyncCertificates tags: - PKI Syncs description: Remove certificates from the specified NetScaler PKI Sync destination. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/f5-big-ip: get: operationId: listF5BigIpPkiSyncs tags: - PKI Syncs description: List the F5 BIG-IP PKI Syncs for the specified project. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - f5-big-ip isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: partition: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ profileType: type: string enum: - none - client-ssl - server-ssl profileName: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ createProfileIfMissing: type: boolean parentProfile: type: string minLength: 1 maxLength: 511 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createF5BigIpPkiSync tags: - PKI Syncs description: Create a F5 BIG-IP PKI Sync for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean default: true destinationConfig: type: object properties: partition: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ profileType: type: string enum: - none - client-ssl - server-ssl profileName: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ createProfileIfMissing: type: boolean parentProfile: type: string minLength: 1 maxLength: 511 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false default: {} subscriberId: type: string nullable: true connectionId: type: string applicationId: type: string format: uuid certificateIds: type: array items: type: string format: uuid required: - name - destinationConfig - connectionId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - f5-big-ip isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: partition: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ profileType: type: string enum: - none - client-ssl - server-ssl profileName: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ createProfileIfMissing: type: boolean parentProfile: type: string minLength: 1 maxLength: 511 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/f5-big-ip/{pkiSyncId}: get: operationId: getF5BigIpPkiSync tags: - PKI Syncs description: Get the specified F5 BIG-IP PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - f5-big-ip isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: partition: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ profileType: type: string enum: - none - client-ssl - server-ssl profileName: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ createProfileIfMissing: type: boolean parentProfile: type: string minLength: 1 maxLength: 511 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateF5BigIpPkiSync tags: - PKI Syncs description: Update the specified F5 BIG-IP PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: partition: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ profileType: type: string enum: - none - client-ssl - server-ssl profileName: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ createProfileIfMissing: type: boolean parentProfile: type: string minLength: 1 maxLength: 511 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string nullable: true connectionId: type: string additionalProperties: false parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - f5-big-ip isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: partition: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ profileType: type: string enum: - none - client-ssl - server-ssl profileName: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ createProfileIfMissing: type: boolean parentProfile: type: string minLength: 1 maxLength: 511 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteF5BigIpPkiSync tags: - PKI Syncs description: Delete the specified F5 BIG-IP PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - f5-big-ip isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: partition: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ profileType: type: string enum: - none - client-ssl - server-ssl profileName: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ createProfileIfMissing: type: boolean parentProfile: type: string minLength: 1 maxLength: 511 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/f5-big-ip/{pkiSyncId}/sync: post: operationId: syncF5BigIpPkiSync tags: - PKI Syncs description: Trigger a sync for the specified F5 BIG-IP PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/cert-manager/syncs/f5-big-ip/{pkiSyncId}/remove-certificates: post: operationId: removeF5BigIpPkiSyncCertificates tags: - PKI Syncs description: Remove certificates from the specified F5 BIG-IP PKI Sync destination. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/ca: post: operationId: createCertificateAuthorityV1 tags: - PKI Certificate Authorities description: Create CA requestBody: required: true content: application/json: schema: type: object properties: projectSlug: type: string description: Slug of the project to create the CA in. type: type: string enum: - root - intermediate description: The type of CA to create. friendlyName: type: string description: A friendly name for the CA. commonName: type: string description: The common name (CN) for the CA. organization: type: string description: The organization (O) for the CA. ou: type: string description: The organization unit (OU) for the CA. country: type: string description: The country name (C) for the CA. province: type: string description: The state of province name for the CA. locality: type: string description: The locality name for the CA. notBefore: type: string description: The date and time when the CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 default: -1 description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s default: RSA_2048 description: The type of public key algorithm and size, in bits, of the key pair for the CA; when you create an intermediate CA, you must use a key algorithm supported by the parent CA. requireTemplateForIssuance: type: boolean default: false description: Whether or not certificates for this CA can only be issued through certificate templates. required: - projectSlug - type - commonName - organization - ou - country - province - locality additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: ca: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string status: type: string enableDirectIssuance: type: boolean default: true name: type: string parentCaId: type: string format: uuid nullable: true type: type: string friendlyName: type: string organization: type: string ou: type: string country: type: string province: type: string locality: type: string commonName: type: string dn: type: string serialNumber: type: string nullable: true maxPathLength: type: number nullable: true keyAlgorithm: type: string activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string nullable: true disableManagedCrlDistributionPointUrl: type: boolean default: false requireTemplateForIssuance: type: boolean notAfter: type: string notBefore: type: string required: - id - createdAt - updatedAt - projectId - status - name - type - friendlyName - organization - ou - country - province - locality - commonName - dn - keyAlgorithm additionalProperties: false required: - ca additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/ca/{caId}: get: operationId: getCertificateAuthorityV1 tags: - PKI Certificate Authorities description: Get CA parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to get. responses: '200': description: Default Response content: application/json: schema: type: object properties: ca: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string status: type: string enableDirectIssuance: type: boolean default: true name: type: string parentCaId: type: string format: uuid nullable: true type: type: string friendlyName: type: string organization: type: string ou: type: string country: type: string province: type: string locality: type: string commonName: type: string dn: type: string serialNumber: type: string nullable: true maxPathLength: type: number nullable: true keyAlgorithm: type: string activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string nullable: true disableManagedCrlDistributionPointUrl: type: boolean default: false requireTemplateForIssuance: type: boolean notAfter: type: string notBefore: type: string required: - id - createdAt - updatedAt - projectId - status - name - type - friendlyName - organization - ou - country - province - locality - commonName - dn - keyAlgorithm additionalProperties: false required: - ca additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateCertificateAuthorityV1 tags: - PKI Certificate Authorities description: Update CA requestBody: required: true content: application/json: schema: type: object properties: status: type: string enum: - active - disabled description: The status of the CA to update to. This can be one of active or disabled. requireTemplateForIssuance: type: boolean description: Whether or not certificates for this CA can only be issued through certificate templates. additionalProperties: false parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to update. responses: '200': description: Default Response content: application/json: schema: type: object properties: ca: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string status: type: string enableDirectIssuance: type: boolean default: true name: type: string parentCaId: type: string format: uuid nullable: true type: type: string friendlyName: type: string organization: type: string ou: type: string country: type: string province: type: string locality: type: string commonName: type: string dn: type: string serialNumber: type: string nullable: true maxPathLength: type: number nullable: true keyAlgorithm: type: string activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string nullable: true disableManagedCrlDistributionPointUrl: type: boolean default: false requireTemplateForIssuance: type: boolean notAfter: type: string notBefore: type: string required: - id - createdAt - updatedAt - projectId - status - name - type - friendlyName - organization - ou - country - province - locality - commonName - dn - keyAlgorithm additionalProperties: false required: - ca additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteCertificateAuthorityV1 tags: - PKI Certificate Authorities description: Delete CA parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to delete. responses: '200': description: Default Response content: application/json: schema: type: object properties: ca: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string status: type: string enableDirectIssuance: type: boolean default: true name: type: string parentCaId: type: string format: uuid nullable: true type: type: string friendlyName: type: string organization: type: string ou: type: string country: type: string province: type: string locality: type: string commonName: type: string dn: type: string serialNumber: type: string nullable: true maxPathLength: type: number nullable: true keyAlgorithm: type: string activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string nullable: true disableManagedCrlDistributionPointUrl: type: boolean default: false requireTemplateForIssuance: type: boolean notAfter: type: string notBefore: type: string required: - id - createdAt - updatedAt - projectId - status - name - type - friendlyName - organization - ou - country - province - locality - commonName - dn - keyAlgorithm additionalProperties: false required: - ca additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/ca/{caId}/certificates/{caCertId}/der: get: operationId: getCertificateAuthorityDerCertificate tags: - PKI Certificate Authorities description: Get DER-encoded certificate of CA parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to get the CA certificate from. - schema: type: string in: path name: caCertId required: true description: The ID of the CA certificate to get. responses: '200': description: Default Response content: application/json: schema: {} '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/ca/{caId}/csr: get: operationId: getCertificateAuthorityCsr tags: - PKI Certificate Authorities description: Get CA CSR parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to generate CSR from. responses: '200': description: Default Response content: application/json: schema: type: object properties: csr: type: string description: The generated CSR from the CA. required: - csr additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/ca/{caId}/renew: post: operationId: renewCertificateAuthority tags: - PKI Certificate Authorities description: Perform CA certificate renewal requestBody: required: true content: application/json: schema: type: object properties: type: type: string enum: - existing description: The type of behavior to use for the renewal operation. Currently Infisical is only able to renew a CA certificate with the same key pair. notAfter: type: string description: The expiry date and time for the renewed CA certificate in YYYY-MM-DDTHH:mm:ss.sssZ format. required: - type - notAfter additionalProperties: false parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to renew the CA certificate for. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The renewed CA certificate body. certificateChain: type: string description: The certificate chain of the CA. serialNumber: type: string description: The serial number of the renewed CA certificate. required: - certificate - certificateChain - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/ca/{caId}/ca-certificates: get: operationId: listCertificateAuthorityCertificates tags: - PKI Certificate Authorities description: Get list of past and current CA certificates for a CA parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to get the CA certificates for. responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: certificate: type: string description: The certificate body of the CA certificate. certificateChain: type: string description: The certificate chain of the CA certificate. serialNumber: type: string description: The serial number of the CA certificate. version: type: number description: The version of the CA certificate. The version is incremented for each CA renewal operation. required: - certificate - certificateChain - serialNumber - version additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/ca/{caId}/certificate: get: operationId: getCertificateAuthorityCertificate tags: - PKI Certificate Authorities description: Get current CA cert and cert chain of a CA parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to get the certificate body and certificate chain from. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The certificate body of the CA. certificateChain: type: string description: The certificate chain of the CA. serialNumber: type: string description: The serial number of the CA certificate. required: - certificate - certificateChain - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/ca/{caId}/sign-intermediate: post: operationId: signIntermediateCertificateAuthority tags: - PKI Certificate Authorities description: Create intermediate CA certificate from parent CA requestBody: required: true content: application/json: schema: type: object properties: csr: type: string minLength: 1 description: The pem-encoded CSR to sign with the CA. notBefore: type: string description: The date and time when the intermediate CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the intermediate CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 default: -1 description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. required: - csr - notAfter additionalProperties: false parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to sign the intermediate certificate with. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The signed intermediate certificate. certificateChain: type: string description: The certificate chain of the intermediate certificate. issuingCaCertificate: type: string description: The certificate of the issuing CA. serialNumber: type: string description: The serial number of the intermediate certificate. required: - certificate - certificateChain - issuingCaCertificate - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/ca/{caId}/import-certificate: post: operationId: importCertificateAuthorityCertificate tags: - PKI Certificate Authorities description: Import certificate and chain to CA requestBody: required: true content: application/json: schema: type: object properties: certificate: type: string description: The certificate body to import. certificateChain: type: string description: The certificate chain to import. required: - certificate - certificateChain additionalProperties: false parameters: - schema: type: string in: path name: caId required: true description: The ID of the CA to import the certificate for. responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string caId: type: string required: - message - caId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/ca/internal: get: tags: - PKI Certificate Authorities parameters: - schema: type: string minLength: 1 in: query name: projectId required: true responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - internal configuration: type: object properties: type: type: string enum: - root - intermediate description: The type of CA to create. friendlyName: type: string description: A friendly name for the CA. commonName: type: string default: '' description: The common name (CN) for the CA. organization: type: string default: '' description: The organization (O) for the CA. ou: type: string default: '' description: The organization unit (OU) for the CA. country: type: string default: '' description: The country name (C) for the CA. province: type: string default: '' description: The state of province name for the CA. locality: type: string default: '' description: The locality name for the CA. notBefore: type: string description: The date and time when the CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 nullable: true description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s description: The type of public key algorithm and size, in bits, of the key pair for the CA; when you create an intermediate CA, you must use a key algorithm supported by the parent CA. dn: type: string nullable: true parentCaId: type: string format: uuid nullable: true serialNumber: type: string nullable: true activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string maxLength: 2048 format: uri maxItems: 4 description: Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is included by default unless disabled. disableManagedCrlDistributionPointUrl: type: boolean default: false description: When set to true, the Infisical-managed CRL endpoint URL will not be embedded in certificates issued by this CA. Only custom CRL Distribution Point URLs (if any) will be included. required: - type - keyAlgorithm additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Internal Certificate Authority to create. Must be slug-friendly. projectId: type: string format: uuid description: The ID of the project to create the Certificate Authority in. enableDirectIssuance: type: boolean description: Whether or not to enable direct issuance of certificates for the Internal Certificate Authority. status: type: string enum: - active - disabled - pending-certificate description: The status of the Internal Certificate Authority. configuration: type: object properties: type: type: string enum: - root - intermediate description: The type of CA to create. friendlyName: type: string description: A friendly name for the CA. commonName: type: string default: '' description: The common name (CN) for the CA. organization: type: string default: '' description: The organization (O) for the CA. ou: type: string default: '' description: The organization unit (OU) for the CA. country: type: string default: '' description: The country name (C) for the CA. province: type: string default: '' description: The state of province name for the CA. locality: type: string default: '' description: The locality name for the CA. notBefore: type: string description: The date and time when the CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 nullable: true description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s description: The type of public key algorithm and size, in bits, of the key pair for the CA; when you create an intermediate CA, you must use a key algorithm supported by the parent CA. dn: type: string nullable: true parentCaId: type: string format: uuid nullable: true serialNumber: type: string nullable: true activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string maxLength: 2048 format: uri maxItems: 4 description: Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is included by default unless disabled. disableManagedCrlDistributionPointUrl: type: boolean default: false description: When set to true, the Infisical-managed CRL endpoint URL will not be embedded in certificates issued by this CA. Only custom CRL Distribution Point URLs (if any) will be included. required: - type - keyAlgorithm additionalProperties: false required: - name - projectId - enableDirectIssuance - status - configuration additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - internal configuration: type: object properties: type: type: string enum: - root - intermediate description: The type of CA to create. friendlyName: type: string description: A friendly name for the CA. commonName: type: string default: '' description: The common name (CN) for the CA. organization: type: string default: '' description: The organization (O) for the CA. ou: type: string default: '' description: The organization unit (OU) for the CA. country: type: string default: '' description: The country name (C) for the CA. province: type: string default: '' description: The state of province name for the CA. locality: type: string default: '' description: The locality name for the CA. notBefore: type: string description: The date and time when the CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 nullable: true description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s description: The type of public key algorithm and size, in bits, of the key pair for the CA; when you create an intermediate CA, you must use a key algorithm supported by the parent CA. dn: type: string nullable: true parentCaId: type: string format: uuid nullable: true serialNumber: type: string nullable: true activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string maxLength: 2048 format: uri maxItems: 4 description: Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is included by default unless disabled. disableManagedCrlDistributionPointUrl: type: boolean default: false description: When set to true, the Infisical-managed CRL endpoint URL will not be embedded in certificates issued by this CA. Only custom CRL Distribution Point URLs (if any) will be included. required: - type - keyAlgorithm additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/ca/internal/{caName}: get: tags: - PKI Certificate Authorities parameters: - schema: type: string format: uuid in: query name: projectId required: true - schema: type: string in: path name: caName required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - internal configuration: type: object properties: type: type: string enum: - root - intermediate description: The type of CA to create. friendlyName: type: string description: A friendly name for the CA. commonName: type: string default: '' description: The common name (CN) for the CA. organization: type: string default: '' description: The organization (O) for the CA. ou: type: string default: '' description: The organization unit (OU) for the CA. country: type: string default: '' description: The country name (C) for the CA. province: type: string default: '' description: The state of province name for the CA. locality: type: string default: '' description: The locality name for the CA. notBefore: type: string description: The date and time when the CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 nullable: true description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s description: The type of public key algorithm and size, in bits, of the key pair for the CA; when you create an intermediate CA, you must use a key algorithm supported by the parent CA. dn: type: string nullable: true parentCaId: type: string format: uuid nullable: true serialNumber: type: string nullable: true activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string maxLength: 2048 format: uri maxItems: 4 description: Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is included by default unless disabled. disableManagedCrlDistributionPointUrl: type: boolean default: false description: When set to true, the Infisical-managed CRL endpoint URL will not be embedded in certificates issued by this CA. Only custom CRL Distribution Point URLs (if any) will be included. required: - type - keyAlgorithm additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Internal Certificate Authority. Must be slug-friendly. projectId: type: string format: uuid description: The ID of the project to update the Certificate Authority in. enableDirectIssuance: type: boolean description: Whether or not to enable direct issuance of certificates for the Internal Certificate Authority. status: type: string enum: - active - disabled - pending-certificate description: The updated status of the Internal Certificate Authority. required: - projectId additionalProperties: false parameters: - schema: type: string in: path name: caName required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - internal configuration: type: object properties: type: type: string enum: - root - intermediate description: The type of CA to create. friendlyName: type: string description: A friendly name for the CA. commonName: type: string default: '' description: The common name (CN) for the CA. organization: type: string default: '' description: The organization (O) for the CA. ou: type: string default: '' description: The organization unit (OU) for the CA. country: type: string default: '' description: The country name (C) for the CA. province: type: string default: '' description: The state of province name for the CA. locality: type: string default: '' description: The locality name for the CA. notBefore: type: string description: The date and time when the CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 nullable: true description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s description: The type of public key algorithm and size, in bits, of the key pair for the CA; when you create an intermediate CA, you must use a key algorithm supported by the parent CA. dn: type: string nullable: true parentCaId: type: string format: uuid nullable: true serialNumber: type: string nullable: true activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string maxLength: 2048 format: uri maxItems: 4 description: Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is included by default unless disabled. disableManagedCrlDistributionPointUrl: type: boolean default: false description: When set to true, the Infisical-managed CRL endpoint URL will not be embedded in certificates issued by this CA. Only custom CRL Distribution Point URLs (if any) will be included. required: - type - keyAlgorithm additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string format: uuid required: - projectId additionalProperties: false parameters: - schema: type: string in: path name: caName required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - internal configuration: type: object properties: type: type: string enum: - root - intermediate description: The type of CA to create. friendlyName: type: string description: A friendly name for the CA. commonName: type: string default: '' description: The common name (CN) for the CA. organization: type: string default: '' description: The organization (O) for the CA. ou: type: string default: '' description: The organization unit (OU) for the CA. country: type: string default: '' description: The country name (C) for the CA. province: type: string default: '' description: The state of province name for the CA. locality: type: string default: '' description: The locality name for the CA. notBefore: type: string description: The date and time when the CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 nullable: true description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s description: The type of public key algorithm and size, in bits, of the key pair for the CA; when you create an intermediate CA, you must use a key algorithm supported by the parent CA. dn: type: string nullable: true parentCaId: type: string format: uuid nullable: true serialNumber: type: string nullable: true activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string maxLength: 2048 format: uri maxItems: 4 description: Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is included by default unless disabled. disableManagedCrlDistributionPointUrl: type: boolean default: false description: When set to true, the Infisical-managed CRL endpoint URL will not be embedded in certificates issued by this CA. Only custom CRL Distribution Point URLs (if any) will be included. required: - type - keyAlgorithm additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/ca/acme: get: tags: - PKI Certificate Authorities parameters: - schema: type: string minLength: 1 in: query name: projectId required: true responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - acme configuration: type: object properties: dnsAppConnectionId: type: string format: uuid description: The ID of the App Connection to use for creating and managing DNS TXT records required for ACME domain validation. This connection must have permissions to create and delete TXT records in your DNS provider (e.g., Route53) for the ACME challenge process. dnsProviderConfig: type: object properties: provider: type: string enum: - route53 - cloudflare - dns-made-easy - azure-dns description: The DNS provider for the ACME Certificate Authority. hostedZoneId: type: string minLength: 1 description: The hosted zone ID for the ACME Certificate Authority. required: - provider - hostedZoneId additionalProperties: false directoryUrl: type: string format: uri minLength: 1 description: The directory URL for the ACME Certificate Authority. accountEmail: type: string minLength: 1 description: The email address for the ACME Certificate Authority. eabKid: type: string maxLength: 64 description: The External Account Binding (EAB) Key ID for the ACME Certificate Authority. Required if the ACME provider uses EAB. dnsResolver: type: string anyOf: - format: ipv4 - format: ipv6 description: An optional custom DNS resolver IP address to use for verifying DNS propagation during ACME challenges. Must be a valid IP address (e.g. 8.8.8.8). When not set, the system default DNS resolver is used. required: - dnsAppConnectionId - dnsProviderConfig - directoryUrl - accountEmail additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the ACME-compatible CA Certificate Authority to create. Must be slug-friendly. projectId: type: string format: uuid description: The ID of the project to create the Certificate Authority in. enableDirectIssuance: type: boolean description: Whether or not to enable direct issuance of certificates for the ACME-compatible CA Certificate Authority. status: type: string enum: - active - disabled - pending-certificate description: The status of the ACME-compatible CA Certificate Authority. configuration: type: object properties: dnsAppConnectionId: type: string format: uuid description: The ID of the App Connection to use for creating and managing DNS TXT records required for ACME domain validation. This connection must have permissions to create and delete TXT records in your DNS provider (e.g., Route53) for the ACME challenge process. dnsProviderConfig: type: object properties: provider: type: string enum: - route53 - cloudflare - dns-made-easy - azure-dns description: The DNS provider for the ACME Certificate Authority. hostedZoneId: type: string minLength: 1 description: The hosted zone ID for the ACME Certificate Authority. required: - provider - hostedZoneId additionalProperties: false directoryUrl: type: string format: uri minLength: 1 description: The directory URL for the ACME Certificate Authority. accountEmail: type: string minLength: 1 description: The email address for the ACME Certificate Authority. eabKid: type: string maxLength: 64 description: The External Account Binding (EAB) Key ID for the ACME Certificate Authority. Required if the ACME provider uses EAB. eabHmacKey: type: string maxLength: 512 description: The External Account Binding (EAB) HMAC key for the ACME Certificate Authority. Required if the ACME provider uses EAB. dnsResolver: type: string anyOf: - format: ipv4 - format: ipv6 description: An optional custom DNS resolver IP address to use for verifying DNS propagation during ACME challenges. Must be a valid IP address (e.g. 8.8.8.8). When not set, the system default DNS resolver is used. required: - dnsAppConnectionId - dnsProviderConfig - directoryUrl - accountEmail additionalProperties: false required: - name - projectId - enableDirectIssuance - status - configuration additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - acme configuration: type: object properties: dnsAppConnectionId: type: string format: uuid description: The ID of the App Connection to use for creating and managing DNS TXT records required for ACME domain validation. This connection must have permissions to create and delete TXT records in your DNS provider (e.g., Route53) for the ACME challenge process. dnsProviderConfig: type: object properties: provider: type: string enum: - route53 - cloudflare - dns-made-easy - azure-dns description: The DNS provider for the ACME Certificate Authority. hostedZoneId: type: string minLength: 1 description: The hosted zone ID for the ACME Certificate Authority. required: - provider - hostedZoneId additionalProperties: false directoryUrl: type: string format: uri minLength: 1 description: The directory URL for the ACME Certificate Authority. accountEmail: type: string minLength: 1 description: The email address for the ACME Certificate Authority. eabKid: type: string maxLength: 64 description: The External Account Binding (EAB) Key ID for the ACME Certificate Authority. Required if the ACME provider uses EAB. dnsResolver: type: string anyOf: - format: ipv4 - format: ipv6 description: An optional custom DNS resolver IP address to use for verifying DNS propagation during ACME challenges. Must be a valid IP address (e.g. 8.8.8.8). When not set, the system default DNS resolver is used. required: - dnsAppConnectionId - dnsProviderConfig - directoryUrl - accountEmail additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/ca/acme/{caName}: get: tags: - PKI Certificate Authorities parameters: - schema: type: string format: uuid in: query name: projectId required: true - schema: type: string in: path name: caName required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - acme configuration: type: object properties: dnsAppConnectionId: type: string format: uuid description: The ID of the App Connection to use for creating and managing DNS TXT records required for ACME domain validation. This connection must have permissions to create and delete TXT records in your DNS provider (e.g., Route53) for the ACME challenge process. dnsProviderConfig: type: object properties: provider: type: string enum: - route53 - cloudflare - dns-made-easy - azure-dns description: The DNS provider for the ACME Certificate Authority. hostedZoneId: type: string minLength: 1 description: The hosted zone ID for the ACME Certificate Authority. required: - provider - hostedZoneId additionalProperties: false directoryUrl: type: string format: uri minLength: 1 description: The directory URL for the ACME Certificate Authority. accountEmail: type: string minLength: 1 description: The email address for the ACME Certificate Authority. eabKid: type: string maxLength: 64 description: The External Account Binding (EAB) Key ID for the ACME Certificate Authority. Required if the ACME provider uses EAB. dnsResolver: type: string anyOf: - format: ipv4 - format: ipv6 description: An optional custom DNS resolver IP address to use for verifying DNS propagation during ACME challenges. Must be a valid IP address (e.g. 8.8.8.8). When not set, the system default DNS resolver is used. required: - dnsAppConnectionId - dnsProviderConfig - directoryUrl - accountEmail additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the ACME-compatible CA Certificate Authority. Must be slug-friendly. projectId: type: string format: uuid description: The ID of the project to update the Certificate Authority in. enableDirectIssuance: type: boolean description: Whether or not to enable direct issuance of certificates for the ACME-compatible CA Certificate Authority. status: type: string enum: - active - disabled - pending-certificate description: The updated status of the ACME-compatible CA Certificate Authority. configuration: type: object properties: dnsAppConnectionId: type: string format: uuid description: The ID of the App Connection to use for creating and managing DNS TXT records required for ACME domain validation. This connection must have permissions to create and delete TXT records in your DNS provider (e.g., Route53) for the ACME challenge process. dnsProviderConfig: type: object properties: provider: type: string enum: - route53 - cloudflare - dns-made-easy - azure-dns description: The DNS provider for the ACME Certificate Authority. hostedZoneId: type: string minLength: 1 description: The hosted zone ID for the ACME Certificate Authority. required: - provider - hostedZoneId additionalProperties: false directoryUrl: type: string format: uri minLength: 1 description: The directory URL for the ACME Certificate Authority. accountEmail: type: string minLength: 1 description: The email address for the ACME Certificate Authority. eabKid: type: string maxLength: 64 description: The External Account Binding (EAB) Key ID for the ACME Certificate Authority. Required if the ACME provider uses EAB. eabHmacKey: type: string maxLength: 512 description: The External Account Binding (EAB) HMAC key for the ACME Certificate Authority. Required if the ACME provider uses EAB. dnsResolver: type: string anyOf: - format: ipv4 - format: ipv6 description: An optional custom DNS resolver IP address to use for verifying DNS propagation during ACME challenges. Must be a valid IP address (e.g. 8.8.8.8). When not set, the system default DNS resolver is used. required: - dnsAppConnectionId - dnsProviderConfig - directoryUrl - accountEmail additionalProperties: false required: - projectId additionalProperties: false parameters: - schema: type: string in: path name: caName required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - acme configuration: type: object properties: dnsAppConnectionId: type: string format: uuid description: The ID of the App Connection to use for creating and managing DNS TXT records required for ACME domain validation. This connection must have permissions to create and delete TXT records in your DNS provider (e.g., Route53) for the ACME challenge process. dnsProviderConfig: type: object properties: provider: type: string enum: - route53 - cloudflare - dns-made-easy - azure-dns description: The DNS provider for the ACME Certificate Authority. hostedZoneId: type: string minLength: 1 description: The hosted zone ID for the ACME Certificate Authority. required: - provider - hostedZoneId additionalProperties: false directoryUrl: type: string format: uri minLength: 1 description: The directory URL for the ACME Certificate Authority. accountEmail: type: string minLength: 1 description: The email address for the ACME Certificate Authority. eabKid: type: string maxLength: 64 description: The External Account Binding (EAB) Key ID for the ACME Certificate Authority. Required if the ACME provider uses EAB. dnsResolver: type: string anyOf: - format: ipv4 - format: ipv6 description: An optional custom DNS resolver IP address to use for verifying DNS propagation during ACME challenges. Must be a valid IP address (e.g. 8.8.8.8). When not set, the system default DNS resolver is used. required: - dnsAppConnectionId - dnsProviderConfig - directoryUrl - accountEmail additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string format: uuid required: - projectId additionalProperties: false parameters: - schema: type: string in: path name: caName required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - acme configuration: type: object properties: dnsAppConnectionId: type: string format: uuid description: The ID of the App Connection to use for creating and managing DNS TXT records required for ACME domain validation. This connection must have permissions to create and delete TXT records in your DNS provider (e.g., Route53) for the ACME challenge process. dnsProviderConfig: type: object properties: provider: type: string enum: - route53 - cloudflare - dns-made-easy - azure-dns description: The DNS provider for the ACME Certificate Authority. hostedZoneId: type: string minLength: 1 description: The hosted zone ID for the ACME Certificate Authority. required: - provider - hostedZoneId additionalProperties: false directoryUrl: type: string format: uri minLength: 1 description: The directory URL for the ACME Certificate Authority. accountEmail: type: string minLength: 1 description: The email address for the ACME Certificate Authority. eabKid: type: string maxLength: 64 description: The External Account Binding (EAB) Key ID for the ACME Certificate Authority. Required if the ACME provider uses EAB. dnsResolver: type: string anyOf: - format: ipv4 - format: ipv6 description: An optional custom DNS resolver IP address to use for verifying DNS propagation during ACME challenges. Must be a valid IP address (e.g. 8.8.8.8). When not set, the system default DNS resolver is used. required: - dnsAppConnectionId - dnsProviderConfig - directoryUrl - accountEmail additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/ca/azure-ad-cs: get: tags: - PKI Certificate Authorities parameters: - schema: type: string minLength: 1 in: query name: projectId required: true responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - azure-ad-cs configuration: type: object properties: azureAdcsConnectionId: type: string format: uuid description: Azure ADCS Connection ID required: - azureAdcsConnectionId additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Active Directory Certificate Service Certificate Authority to create. Must be slug-friendly. projectId: type: string format: uuid description: The ID of the project to create the Certificate Authority in. enableDirectIssuance: type: boolean description: Whether or not to enable direct issuance of certificates for the Active Directory Certificate Service Certificate Authority. status: type: string enum: - active - disabled - pending-certificate description: The status of the Active Directory Certificate Service Certificate Authority. configuration: type: object properties: azureAdcsConnectionId: type: string format: uuid description: Azure ADCS Connection ID required: - azureAdcsConnectionId additionalProperties: false required: - name - projectId - enableDirectIssuance - status - configuration additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - azure-ad-cs configuration: type: object properties: azureAdcsConnectionId: type: string format: uuid description: Azure ADCS Connection ID required: - azureAdcsConnectionId additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/ca/azure-ad-cs/{caName}: get: tags: - PKI Certificate Authorities parameters: - schema: type: string format: uuid in: query name: projectId required: true - schema: type: string in: path name: caName required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - azure-ad-cs configuration: type: object properties: azureAdcsConnectionId: type: string format: uuid description: Azure ADCS Connection ID required: - azureAdcsConnectionId additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Active Directory Certificate Service Certificate Authority. Must be slug-friendly. projectId: type: string format: uuid description: The ID of the project to update the Certificate Authority in. enableDirectIssuance: type: boolean description: Whether or not to enable direct issuance of certificates for the Active Directory Certificate Service Certificate Authority. status: type: string enum: - active - disabled - pending-certificate description: The updated status of the Active Directory Certificate Service Certificate Authority. configuration: type: object properties: azureAdcsConnectionId: type: string format: uuid description: Azure ADCS Connection ID required: - azureAdcsConnectionId additionalProperties: false required: - projectId additionalProperties: false parameters: - schema: type: string in: path name: caName required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - azure-ad-cs configuration: type: object properties: azureAdcsConnectionId: type: string format: uuid description: Azure ADCS Connection ID required: - azureAdcsConnectionId additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - PKI Certificate Authorities requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string format: uuid required: - projectId additionalProperties: false parameters: - schema: type: string in: path name: caName required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - azure-ad-cs configuration: type: object properties: azureAdcsConnectionId: type: string format: uuid description: Azure ADCS Connection ID required: - azureAdcsConnectionId additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/ca/azure-ad-cs/{caId}/templates: get: description: Get available certificate templates from Azure AD CS CA parameters: - schema: type: string in: query name: projectId required: true description: Project ID - schema: type: string in: path name: caId required: true description: Azure AD CS CA ID responses: '200': description: Default Response content: application/json: schema: type: object properties: templates: type: array items: type: object properties: id: type: string description: Template identifier name: type: string description: Template display name description: type: string description: Template description required: - id - name additionalProperties: false required: - templates additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificates/{serialNumber}: get: tags: - PKI Certificates description: Get certificate parameters: - schema: type: string in: path name: serialNumber required: true description: The serial number of the certificate to get. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time caId: type: string format: uuid nullable: true status: type: string serialNumber: type: string friendlyName: type: string commonName: type: string notBefore: type: string format: date-time notAfter: type: string format: date-time revokedAt: type: string format: date-time nullable: true revocationReason: type: number nullable: true altNames: type: string nullable: true caCertId: type: string format: uuid nullable: true certificateTemplateId: type: string format: uuid nullable: true keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true projectId: type: string pkiSubscriberId: type: string format: uuid nullable: true profileId: type: string format: uuid nullable: true renewBeforeDays: type: number nullable: true renewedFromCertificateId: type: string format: uuid nullable: true renewedByCertificateId: type: string format: uuid nullable: true renewalError: type: string nullable: true keyAlgorithm: type: string nullable: true signatureAlgorithm: type: string nullable: true subjectOrganization: type: string nullable: true subjectOrganizationalUnit: type: string nullable: true subjectCountry: type: string nullable: true subjectState: type: string nullable: true subjectLocality: type: string nullable: true fingerprintSha256: type: string nullable: true fingerprintSha1: type: string nullable: true isCA: type: boolean nullable: true pathLength: type: number nullable: true source: type: string nullable: true discoveryMetadata: nullable: true externalMetadata: nullable: true applicationId: type: string format: uuid nullable: true required: - id - createdAt - updatedAt - status - serialNumber - friendlyName - commonName - notBefore - notAfter - projectId additionalProperties: false required: - certificate additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - PKI Certificates description: Delete certificate parameters: - schema: type: string in: path name: serialNumber required: true description: The serial number of the certificate to delete. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time caId: type: string format: uuid nullable: true status: type: string serialNumber: type: string friendlyName: type: string commonName: type: string notBefore: type: string format: date-time notAfter: type: string format: date-time revokedAt: type: string format: date-time nullable: true revocationReason: type: number nullable: true altNames: type: string nullable: true caCertId: type: string format: uuid nullable: true certificateTemplateId: type: string format: uuid nullable: true keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true projectId: type: string pkiSubscriberId: type: string format: uuid nullable: true profileId: type: string format: uuid nullable: true renewBeforeDays: type: number nullable: true renewedFromCertificateId: type: string format: uuid nullable: true renewedByCertificateId: type: string format: uuid nullable: true renewalError: type: string nullable: true keyAlgorithm: type: string nullable: true signatureAlgorithm: type: string nullable: true subjectOrganization: type: string nullable: true subjectOrganizationalUnit: type: string nullable: true subjectCountry: type: string nullable: true subjectState: type: string nullable: true subjectLocality: type: string nullable: true fingerprintSha256: type: string nullable: true fingerprintSha1: type: string nullable: true isCA: type: boolean nullable: true pathLength: type: number nullable: true source: type: string nullable: true discoveryMetadata: nullable: true externalMetadata: nullable: true applicationId: type: string format: uuid nullable: true required: - id - createdAt - updatedAt - status - serialNumber - friendlyName - commonName - notBefore - notAfter - projectId additionalProperties: false required: - certificate additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificates/{serialNumber}/private-key: get: tags: - PKI Certificates description: Get certificate private key parameters: - schema: type: string in: path name: serialNumber required: true description: The serial number of the certificate to get. responses: '200': description: Default Response content: application/json: schema: type: string '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificates/{serialNumber}/bundle: get: tags: - PKI Certificates description: Get certificate bundle including the certificate, chain, and private key. parameters: - schema: type: string in: path name: serialNumber required: true description: The serial number of the certificate to get the certificate body and certificate chain for. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The certificate body of the certificate. certificateChain: type: string nullable: true description: The certificate chain of the certificate. privateKey: type: string nullable: true description: The private key of the certificate. serialNumber: type: string description: The serial number of the certificate. required: - certificate - certificateChain - privateKey - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificates/issue-certificate: post: tags: - PKI Certificates description: Issue certificate requestBody: required: true content: application/json: schema: type: object properties: caId: type: string description: The ID of the CA to issue the certificate from. certificateTemplateId: type: string description: The ID of the certificate template to issue the certificate from. pkiCollectionId: type: string description: The ID of the PKI collection to add the certificate to. friendlyName: type: string description: A friendly name for the certificate. commonName: type: string minLength: 1 description: The common name (CN) for the certificate. altNames: type: string default: '' description: A comma-delimited list of Subject Alternative Names (SANs) for the certificate; these can be host names or email addresses. ttl: type: string description: The time to live for the certificate such as 1m, 1h, 1d, 1y, ... notBefore: type: string description: The date and time when the certificate becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the certificate expires in YYYY-MM-DDTHH:mm:ss.sssZ format. keyUsages: type: array items: type: string enum: - digitalSignature - keyEncipherment - nonRepudiation - dataEncipherment - keyAgreement - keyCertSign - cRLSign - encipherOnly - decipherOnly description: The key usage extension of the certificate. extendedKeyUsages: type: array items: type: string enum: - clientAuth - serverAuth - codeSigning - emailProtection - timeStamping - ocspSigning description: The extended key usage extension of the certificate. required: - commonName - ttl additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The issued certificate. issuingCaCertificate: type: string description: The certificate of the issuing CA. certificateChain: type: string description: The certificate chain of the issued certificate. privateKey: type: string description: The private key of the issued certificate. serialNumber: type: string description: The serial number of the issued certificate. required: - certificate - issuingCaCertificate - certificateChain - privateKey - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificates/import-certificate: post: tags: - PKI Certificates description: Import certificate requestBody: required: true content: application/json: schema: type: object properties: projectSlug: type: string minLength: 1 description: Slug of the project to import the certificate into. certificatePem: type: string minLength: 1 description: The PEM-encoded leaf certificate. privateKeyPem: type: string minLength: 1 description: Optional PEM-encoded private key associated with the certificate. chainPem: type: string minLength: 1 description: Optional PEM-encoded chain of intermediate certificates. friendlyName: type: string description: A friendly name for the certificate. pkiCollectionId: type: string description: The ID of the PKI collection to add the certificate to. required: - projectSlug - certificatePem additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The imported certificate. certificateChain: type: string description: The certificate chain associated with the imported certificate. Returned only when a chain was supplied at import. privateKey: type: string description: The PEM-encoded private key associated with the imported certificate. Returned only when a private key was supplied at import. serialNumber: type: string description: The serial number of the imported certificate. required: - certificate - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificates/sign-certificate: post: tags: - PKI Certificates description: Sign certificate requestBody: required: true content: application/json: schema: type: object properties: caId: type: string description: The ID of the CA to issue the certificate from. certificateTemplateId: type: string description: The ID of the certificate template to issue the certificate from. pkiCollectionId: type: string description: The ID of the PKI collection to add the certificate to. csr: type: string minLength: 1 description: The pem-encoded CSR to sign with the CA to be used for certificate issuance. friendlyName: type: string description: A friendly name for the certificate. commonName: type: string minLength: 1 description: The common name (CN) for the certificate. altNames: type: string default: '' description: A comma-delimited list of Subject Alternative Names (SANs) for the certificate; these can be host names or email addresses. ttl: type: string description: The time to live for the certificate such as 1m, 1h, 1d, 1y, ... notBefore: type: string description: The date and time when the certificate becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the certificate expires in YYYY-MM-DDTHH:mm:ss.sssZ format. keyUsages: type: array items: type: string enum: - digitalSignature - keyEncipherment - nonRepudiation - dataEncipherment - keyAgreement - keyCertSign - cRLSign - encipherOnly - decipherOnly description: The key usage extension of the certificate. extendedKeyUsages: type: array items: type: string enum: - clientAuth - serverAuth - codeSigning - emailProtection - timeStamping - ocspSigning description: The extended key usage extension of the certificate. required: - csr - ttl additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The issued certificate. issuingCaCertificate: type: string description: The certificate of the issuing CA. certificateChain: type: string description: The certificate chain of the issued certificate. serialNumber: type: string description: The serial number of the issued certificate. required: - certificate - issuingCaCertificate - certificateChain - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificates/{serialNumber}/revoke: post: tags: - PKI Certificates description: Revoke requestBody: required: true content: application/json: schema: type: object properties: revocationReason: type: string enum: - UNSPECIFIED - KEY_COMPROMISE - CA_COMPROMISE - AFFILIATION_CHANGED - SUPERSEDED - CESSATION_OF_OPERATION - CERTIFICATE_HOLD - PRIVILEGE_WITHDRAWN - A_A_COMPROMISE description: The reason for revoking the certificate. required: - revocationReason additionalProperties: false parameters: - schema: type: string in: path name: serialNumber required: true description: The serial number of the certificate to revoke. The revoked certificate will be added to the certificate revocation list (CRL) of the CA. responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string serialNumber: type: string description: The serial number of the revoked certificate. revokedAt: type: string format: date-time description: The date and time when the certificate was revoked. required: - message - serialNumber - revokedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificates/{serialNumber}/certificate: get: tags: - PKI Certificates description: Get certificate body of certificate parameters: - schema: type: string in: path name: serialNumber required: true description: The serial number of the certificate to get the certificate body and certificate chain for. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The certificate body of the certificate. certificateChain: type: string nullable: true description: The certificate chain of the certificate. serialNumber: type: string description: The serial number of the certificate. required: - certificate - certificateChain - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificate-templates/{certificateTemplateId}: get: tags: - PKI Certificate Templates parameters: - schema: type: string in: path name: certificateTemplateId required: true description: The ID of the certificate template to get. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid caId: type: string format: uuid name: type: string commonName: type: string subjectAlternativeName: type: string pkiCollectionId: type: string format: uuid nullable: true ttl: type: string keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true projectId: type: string caName: type: string required: - id - caId - name - commonName - subjectAlternativeName - ttl - projectId - caName additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - PKI Certificate Templates requestBody: required: true content: application/json: schema: type: object properties: caId: type: string description: The ID of the certificate authority to update the association with the template. pkiCollectionId: type: string description: The ID of the PKI collection to update the binding to the template. name: type: string minLength: 1 maxLength: 64 description: The updated name of the template. commonName: type: string minLength: 1 maxLength: 100 description: The updated regular expression string for validating common names. subjectAlternativeName: type: string minLength: 1 maxLength: 100 description: The updated regular expression string for validating subject alternative names. ttl: type: string description: The updated max TTL for the template. keyUsages: type: array items: type: string enum: - digitalSignature - keyEncipherment - nonRepudiation - dataEncipherment - keyAgreement - keyCertSign - cRLSign - encipherOnly - decipherOnly description: The updated key usage constraint or default value for when template is used during certificate issuance. extendedKeyUsages: type: array items: type: string enum: - clientAuth - serverAuth - codeSigning - emailProtection - timeStamping - ocspSigning description: The updated extended key usage constraint or default value for when template is used during certificate issuance. additionalProperties: false parameters: - schema: type: string in: path name: certificateTemplateId required: true description: The ID of the certificate template to update. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid caId: type: string format: uuid name: type: string commonName: type: string subjectAlternativeName: type: string pkiCollectionId: type: string format: uuid nullable: true ttl: type: string keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true projectId: type: string caName: type: string required: - id - caId - name - commonName - subjectAlternativeName - ttl - projectId - caName additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - PKI Certificate Templates parameters: - schema: type: string in: path name: certificateTemplateId required: true description: The ID of the certificate template to delete. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid caId: type: string format: uuid name: type: string commonName: type: string subjectAlternativeName: type: string pkiCollectionId: type: string format: uuid nullable: true ttl: type: string keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true projectId: type: string caName: type: string required: - id - caId - name - commonName - subjectAlternativeName - ttl - projectId - caName additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificate-templates: post: tags: - PKI Certificate Templates requestBody: required: true content: application/json: schema: type: object properties: caId: type: string description: The ID of the certificate authority to associate the template with. pkiCollectionId: type: string description: The ID of the PKI collection to bind to the template. name: type: string minLength: 1 maxLength: 64 description: The name of the template. commonName: type: string minLength: 1 maxLength: 100 description: The regular expression string to use for validating common names. subjectAlternativeName: type: string minLength: 1 maxLength: 100 description: The regular expression string to use for validating subject alternative names. ttl: type: string description: The max TTL for the template. keyUsages: type: array items: type: string enum: - digitalSignature - keyEncipherment - nonRepudiation - dataEncipherment - keyAgreement - keyCertSign - cRLSign - encipherOnly - decipherOnly default: - digitalSignature - keyEncipherment description: The key usage constraint or default value for when template is used during certificate issuance. extendedKeyUsages: type: array items: type: string enum: - clientAuth - serverAuth - codeSigning - emailProtection - timeStamping - ocspSigning default: [] description: The extended key usage constraint or default value for when template is used during certificate issuance. required: - caId - name - commonName - subjectAlternativeName - ttl additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid caId: type: string format: uuid name: type: string commonName: type: string subjectAlternativeName: type: string pkiCollectionId: type: string format: uuid nullable: true ttl: type: string keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true projectId: type: string caName: type: string required: - id - caId - name - commonName - subjectAlternativeName - ttl - projectId - caName additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificate-templates/{certificateTemplateId}/est-config: post: tags: - PKI Certificate Templates description: Create Certificate Template EST configuration requestBody: required: true content: application/json: schema: type: object properties: caChain: type: string passphrase: type: string minLength: 1 isEnabled: type: boolean default: true disableBootstrapCertValidation: type: boolean default: false required: - passphrase additionalProperties: false parameters: - schema: type: string in: path name: certificateTemplateId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid certificateTemplateId: type: string format: uuid isEnabled: type: boolean disableBootstrapCertValidation: type: boolean default: false required: - id - certificateTemplateId - isEnabled additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - PKI Certificate Templates description: Update Certificate Template EST configuration requestBody: required: true content: application/json: schema: type: object properties: caChain: type: string passphrase: type: string minLength: 1 disableBootstrapCertValidation: type: boolean isEnabled: type: boolean additionalProperties: false parameters: - schema: type: string in: path name: certificateTemplateId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid certificateTemplateId: type: string format: uuid isEnabled: type: boolean disableBootstrapCertValidation: type: boolean default: false required: - id - certificateTemplateId - isEnabled additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: tags: - PKI Certificate Templates description: Get Certificate Template EST configuration parameters: - schema: type: string in: path name: certificateTemplateId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid certificateTemplateId: type: string format: uuid isEnabled: type: boolean disableBootstrapCertValidation: type: boolean default: false caChain: type: string required: - id - certificateTemplateId - isEnabled - caChain additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificate-profiles: post: tags: - PKI Certificate Profiles requestBody: required: true content: application/json: schema: type: object properties: caId: type: string format: uuid certificatePolicyId: type: string format: uuid slug: type: string minLength: 1 maxLength: 255 pattern: ^[a-z0-9-]+$ description: type: string maxLength: 1000 issuerType: type: string enum: - ca - self-signed default: ca externalConfigs: anyOf: - type: object properties: template: type: string minLength: 1 description: Certificate template name for Azure AD CS required: - template additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false nullable: true defaults: type: object properties: ttlDays: type: integer exclusiveMinimum: true minimum: 0 commonName: type: string keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping basicConstraints: type: object properties: isCA: type: boolean pathLength: type: integer minimum: 0 required: - isCA additionalProperties: false organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false nullable: true required: - certificatePolicyId - slug additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateProfile: type: object properties: id: type: string format: uuid projectId: type: string caId: type: string format: uuid nullable: true certificatePolicyId: type: string format: uuid slug: type: string description: type: string nullable: true enrollmentType: type: string estConfigId: type: string format: uuid nullable: true apiConfigId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time acmeConfigId: type: string format: uuid nullable: true issuerType: type: string default: ca externalConfigs: anyOf: - type: object properties: template: type: string minLength: 1 description: Certificate template name for Azure AD CS required: - template additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false nullable: true defaults: type: object properties: ttlDays: type: number commonName: type: string keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping basicConstraints: type: object properties: isCA: type: boolean pathLength: type: number required: - isCA additionalProperties: false organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false nullable: true scepConfigId: type: string format: uuid nullable: true required: - id - projectId - certificatePolicyId - slug - enrollmentType - createdAt - updatedAt additionalProperties: false required: - certificateProfile additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: tags: - PKI Certificate Profiles parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false - schema: type: number minimum: 1 maximum: 100 default: 20 in: query name: limit required: false - schema: type: string in: query name: search required: false - schema: type: string enum: - api - est - acme - scep in: query name: enrollmentType required: false - schema: type: string enum: - ca - self-signed in: query name: issuerType required: false - schema: type: string format: uuid in: query name: caId required: false - schema: type: string format: uuid in: query name: applicationId required: false responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateProfiles: type: array items: type: object properties: id: type: string format: uuid projectId: type: string caId: type: string format: uuid nullable: true certificatePolicyId: type: string format: uuid slug: type: string description: type: string nullable: true enrollmentType: type: string estConfigId: type: string format: uuid nullable: true apiConfigId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time acmeConfigId: type: string format: uuid nullable: true issuerType: type: string default: ca externalConfigs: anyOf: - type: object properties: template: type: string minLength: 1 description: Certificate template name for Azure AD CS required: - template additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false nullable: true defaults: type: object properties: ttlDays: type: number commonName: type: string keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping basicConstraints: type: object properties: isCA: type: boolean pathLength: type: number required: - isCA additionalProperties: false organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false nullable: true scepConfigId: type: string format: uuid nullable: true certificateAuthority: type: object properties: id: type: string status: type: string name: type: string isExternal: type: boolean externalType: type: string nullable: true required: - id - status - name additionalProperties: false metrics: type: object properties: profileId: type: string totalCertificates: type: number activeCertificates: type: number expiredCertificates: type: number expiringCertificates: type: number revokedCertificates: type: number required: - profileId - totalCertificates - activeCertificates - expiredCertificates - expiringCertificates - revokedCertificates additionalProperties: false estConfig: type: object properties: id: type: string disableBootstrapCaValidation: type: boolean passphrase: type: string caChain: type: string required: - id - disableBootstrapCaValidation additionalProperties: false apiConfig: type: object properties: id: type: string autoRenew: type: boolean renewBeforeDays: type: number required: - id - autoRenew additionalProperties: false acmeConfig: type: object properties: id: type: string directoryUrl: type: string skipDnsOwnershipVerification: type: boolean skipEabBinding: type: boolean required: - id - directoryUrl additionalProperties: false scepConfig: type: object properties: id: type: string scepEndpointUrl: type: string raCertificatePem: type: string raCertExpiresAt: type: string format: date-time includeCaCertInResponse: type: boolean allowCertBasedRenewal: type: boolean challengeType: type: string challengeEndpointUrl: type: string dynamicChallengeExpiryMinutes: type: number dynamicChallengeMaxPending: type: number required: - id - scepEndpointUrl - raCertificatePem - raCertExpiresAt - includeCaCertInResponse - allowCertBasedRenewal - challengeType additionalProperties: false required: - id - projectId - certificatePolicyId - slug - enrollmentType - createdAt - updatedAt additionalProperties: false totalCount: type: number required: - certificateProfiles - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificate-profiles/{id}: get: tags: - PKI Certificate Profiles parameters: - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateProfile: type: object properties: id: type: string format: uuid projectId: type: string caId: type: string format: uuid nullable: true certificatePolicyId: type: string format: uuid slug: type: string description: type: string nullable: true enrollmentType: type: string estConfigId: type: string format: uuid nullable: true apiConfigId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time acmeConfigId: type: string format: uuid nullable: true issuerType: type: string default: ca externalConfigs: anyOf: - type: object properties: template: type: string minLength: 1 description: Certificate template name for Azure AD CS required: - template additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false nullable: true defaults: type: object properties: ttlDays: type: number commonName: type: string keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping basicConstraints: type: object properties: isCA: type: boolean pathLength: type: number required: - isCA additionalProperties: false organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false nullable: true scepConfigId: type: string format: uuid nullable: true certificateAuthority: type: object properties: id: type: string projectId: type: string status: type: string name: type: string isExternal: type: boolean externalType: type: string nullable: true required: - id - projectId - status - name additionalProperties: false certificatePolicy: type: object properties: id: type: string projectId: type: string name: type: string description: type: string required: - id - projectId - name additionalProperties: false estConfig: type: object properties: id: type: string disableBootstrapCaValidation: type: boolean caChain: type: string required: - id - disableBootstrapCaValidation additionalProperties: false apiConfig: type: object properties: id: type: string autoRenew: type: boolean renewBeforeDays: type: number required: - id - autoRenew additionalProperties: false acmeConfig: type: object properties: id: type: string directoryUrl: type: string skipDnsOwnershipVerification: type: boolean skipEabBinding: type: boolean required: - id - directoryUrl additionalProperties: false scepConfig: type: object properties: id: type: string scepEndpointUrl: type: string raCertificatePem: type: string raCertExpiresAt: type: string format: date-time includeCaCertInResponse: type: boolean allowCertBasedRenewal: type: boolean challengeType: type: string challengeEndpointUrl: type: string dynamicChallengeExpiryMinutes: type: number dynamicChallengeMaxPending: type: number required: - id - scepEndpointUrl - raCertificatePem - raCertExpiresAt - includeCaCertInResponse - allowCertBasedRenewal - challengeType additionalProperties: false required: - id - projectId - certificatePolicyId - slug - enrollmentType - createdAt - updatedAt additionalProperties: false required: - certificateProfile additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - PKI Certificate Profiles requestBody: required: true content: application/json: schema: type: object properties: slug: type: string minLength: 1 maxLength: 255 pattern: ^[a-z0-9-]+$ description: type: string maxLength: 1000 nullable: true issuerType: type: string enum: - ca - self-signed externalConfigs: anyOf: - type: object properties: template: type: string minLength: 1 description: Certificate template name for Azure AD CS required: - template additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false nullable: true defaults: type: object properties: ttlDays: type: integer exclusiveMinimum: true minimum: 0 commonName: type: string keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping basicConstraints: type: object properties: isCA: type: boolean pathLength: type: integer minimum: 0 required: - isCA additionalProperties: false organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false nullable: true additionalProperties: false parameters: - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateProfile: type: object properties: id: type: string format: uuid projectId: type: string caId: type: string format: uuid nullable: true certificatePolicyId: type: string format: uuid slug: type: string description: type: string nullable: true enrollmentType: type: string estConfigId: type: string format: uuid nullable: true apiConfigId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time acmeConfigId: type: string format: uuid nullable: true issuerType: type: string default: ca externalConfigs: anyOf: - type: object properties: template: type: string minLength: 1 description: Certificate template name for Azure AD CS required: - template additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false nullable: true defaults: type: object properties: ttlDays: type: number commonName: type: string keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping basicConstraints: type: object properties: isCA: type: boolean pathLength: type: number required: - isCA additionalProperties: false organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false nullable: true scepConfigId: type: string format: uuid nullable: true required: - id - projectId - certificatePolicyId - slug - enrollmentType - createdAt - updatedAt additionalProperties: false required: - certificateProfile additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - PKI Certificate Profiles parameters: - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateProfile: type: object properties: id: type: string format: uuid projectId: type: string caId: type: string format: uuid nullable: true certificatePolicyId: type: string format: uuid slug: type: string description: type: string nullable: true enrollmentType: type: string estConfigId: type: string format: uuid nullable: true apiConfigId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time acmeConfigId: type: string format: uuid nullable: true issuerType: type: string default: ca externalConfigs: anyOf: - type: object properties: template: type: string minLength: 1 description: Certificate template name for Azure AD CS required: - template additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false nullable: true defaults: type: object properties: ttlDays: type: number commonName: type: string keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping basicConstraints: type: object properties: isCA: type: boolean pathLength: type: number required: - isCA additionalProperties: false organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false nullable: true scepConfigId: type: string format: uuid nullable: true required: - id - projectId - certificatePolicyId - slug - enrollmentType - createdAt - updatedAt additionalProperties: false required: - certificateProfile additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificate-profiles/slug/{slug}: get: tags: - PKI Certificate Profiles parameters: - schema: type: string minLength: 1 in: path name: slug required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateProfile: type: object properties: id: type: string format: uuid projectId: type: string caId: type: string format: uuid nullable: true certificatePolicyId: type: string format: uuid slug: type: string description: type: string nullable: true enrollmentType: type: string estConfigId: type: string format: uuid nullable: true apiConfigId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time acmeConfigId: type: string format: uuid nullable: true issuerType: type: string default: ca externalConfigs: anyOf: - type: object properties: template: type: string minLength: 1 description: Certificate template name for Azure AD CS required: - template additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false - type: object properties: {} additionalProperties: false nullable: true defaults: type: object properties: ttlDays: type: number commonName: type: string keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s signatureAlgorithm: type: string enum: - RSA-SHA256 - RSA-SHA384 - RSA-SHA512 - ECDSA-SHA256 - ECDSA-SHA384 - ECDSA-SHA512 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s keyUsages: type: array items: type: string enum: - digital_signature - key_encipherment - non_repudiation - data_encipherment - key_agreement - key_cert_sign - crl_sign - encipher_only - decipher_only extendedKeyUsages: type: array items: type: string enum: - client_auth - server_auth - code_signing - email_protection - ocsp_signing - time_stamping basicConstraints: type: object properties: isCA: type: boolean pathLength: type: number required: - isCA additionalProperties: false organization: type: string organizationalUnit: type: string country: type: string state: type: string locality: type: string additionalProperties: false nullable: true scepConfigId: type: string format: uuid nullable: true required: - id - projectId - certificatePolicyId - slug - enrollmentType - createdAt - updatedAt additionalProperties: false required: - certificateProfile additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificate-profiles/{id}/certificates: get: tags: - PKI Certificate Profiles parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false - schema: type: number minimum: 1 maximum: 100 default: 20 in: query name: limit required: false - schema: type: string enum: - active - expired - revoked in: query name: status required: false - schema: type: string in: query name: search required: false - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificates: type: array items: type: object properties: id: type: string serialNumber: type: string cn: type: string status: type: string notBefore: type: string format: date-time notAfter: type: string format: date-time revokedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time required: - id - serialNumber - cn - status - notBefore - notAfter - createdAt additionalProperties: false required: - certificates additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificate-profiles/{id}/certificates/latest-active-bundle: get: tags: - PKI Certificate Profiles description: Get latest active certificate bundle for a profile parameters: - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string nullable: true certificateChain: type: string nullable: true privateKey: type: string nullable: true serialNumber: type: string nullable: true required: - certificate - certificateChain - privateKey - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/certificate-profiles/{id}/acme/eab-secret/reveal: get: tags: - PKI Certificate Profiles parameters: - schema: type: string format: uuid in: path name: id required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: eabKid: type: string eabSecret: type: string required: - eabKid - eabSecret additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/collections: post: tags: - PKI Certificate Collections description: Create PKI collection requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project to create the PKI collection in. name: type: string description: The name of the PKI collection. description: type: string default: '' description: A description for the PKI collection. required: - projectId - name additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string name: type: string description: type: string required: - id - createdAt - updatedAt - projectId - name - description additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/collections/{collectionId}: get: operationId: getPkiCollection tags: - PKI Certificate Collections description: Get PKI collection parameters: - schema: type: string in: path name: collectionId required: true description: The ID of the PKI collection to get. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string name: type: string description: type: string required: - id - createdAt - updatedAt - projectId - name - description additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updatePkiCollection tags: - PKI Certificate Collections description: Update PKI collection requestBody: required: true content: application/json: schema: type: object properties: name: type: string description: The name of the PKI collection to update to. description: type: string description: The description for the PKI collection to update to. additionalProperties: false parameters: - schema: type: string in: path name: collectionId required: true description: The ID of the PKI collection to update. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string name: type: string description: type: string required: - id - createdAt - updatedAt - projectId - name - description additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deletePkiCollection tags: - PKI Certificate Collections description: Delete PKI collection parameters: - schema: type: string in: path name: collectionId required: true description: The ID of the PKI collection to delete. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string name: type: string description: type: string required: - id - createdAt - updatedAt - projectId - name - description additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/collections/{collectionId}/items: get: operationId: listPkiCollectionItems tags: - PKI Certificate Collections description: Get items in PKI collection parameters: - schema: type: string enum: - certificate - ca in: query name: type required: false description: The type of the PKI collection item to list. - schema: type: number minimum: 0 maximum: 100 default: 0 in: query name: offset required: false description: The offset to start from. - schema: type: number minimum: 1 maximum: 100 default: 25 in: query name: limit required: false description: The number of items to return. - schema: type: string in: path name: collectionId required: true description: The ID of the PKI collection to list items from. responses: '200': description: Default Response content: application/json: schema: type: object properties: collectionItems: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time pkiCollectionId: type: string format: uuid type: type: string enum: - certificate - ca itemId: type: string notBefore: type: string format: date-time notAfter: type: string format: date-time friendlyName: type: string required: - id - createdAt - updatedAt - pkiCollectionId - type - itemId - notBefore - notAfter - friendlyName additionalProperties: false totalCount: type: number required: - collectionItems - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: addItemToPkiCollection tags: - PKI Certificate Collections description: Add item to PKI collection requestBody: required: true content: application/json: schema: type: object properties: type: type: string enum: - certificate - ca description: The type of the PKI collection item to add. itemId: type: string description: The resource ID of the PKI collection item to add. required: - type - itemId additionalProperties: false parameters: - schema: type: string in: path name: collectionId required: true description: The ID of the PKI collection to add the item to. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time pkiCollectionId: type: string format: uuid type: type: string enum: - certificate - ca description: The type of the PKI collection item to add. itemId: type: string description: The resource ID of the PKI collection item to add. required: - id - createdAt - updatedAt - pkiCollectionId - type - itemId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/collections/{collectionId}/items/{collectionItemId}: delete: operationId: removeItemFromPkiCollection tags: - PKI Certificate Collections description: Remove item from PKI collection parameters: - schema: type: string in: path name: collectionId required: true description: The ID of the PKI collection to delete the item from. - schema: type: string in: path name: collectionItemId required: true description: The ID of the PKI collection item to delete. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time pkiCollectionId: type: string format: uuid type: type: string enum: - certificate - ca description: The type of the deleted PKI collection item. itemId: type: string description: The resource ID of the deleted PKI collection item. required: - id - createdAt - updatedAt - pkiCollectionId - type - itemId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/subscribers/{subscriberName}: get: operationId: getPkiSubscriber tags: - PKI Subscribers description: Get PKI Subscriber parameters: - schema: type: string in: query name: projectId required: true description: The ID of the project to get the PKI subscriber for. - schema: type: string in: path name: subscriberName required: true description: The name of the PKI subscriber to get. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid projectId: type: string caId: type: string format: uuid nullable: true name: type: string commonName: type: string status: type: string subjectAlternativeNames: type: array items: type: string ttl: type: string nullable: true keyUsages: type: array items: type: string extendedKeyUsages: type: array items: type: string lastOperationStatus: type: string nullable: true lastOperationMessage: type: string nullable: true lastOperationAt: type: string format: date-time nullable: true enableAutoRenewal: type: boolean default: false autoRenewalPeriodInDays: type: number nullable: true lastAutoRenewAt: type: string format: date-time nullable: true properties: nullable: true supportsImmediateCertIssuance: type: boolean required: - id - projectId - name - commonName - status - subjectAlternativeNames - keyUsages - extendedKeyUsages additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updatePkiSubscriber tags: - PKI Subscribers description: Update PKI Subscriber requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project to update the PKI subscriber in. caId: type: string format: uuid minLength: 1 description: The ID of the CA that will issue certificates for the PKI subscriber to update to. name: type: string minLength: 1 maxLength: 64 description: The name of the PKI subscriber to update to. commonName: type: string minLength: 1 description: The common name (CN) to be used on certificates issued for this subscriber to update to. status: type: string enum: - active - disabled description: The status of the PKI subscriber to update to. This can be one of active or disabled. subjectAlternativeNames: type: array items: type: string description: A comma-delimited list of Subject Alternative Names (SANs) to be used on certificates issued for this subscriber; these can be host names or email addresses. ttl: type: string description: The time to live for the certificates issued for this subscriber such as 1m, 1h, 1d, 1y, ... keyUsages: type: array items: type: string enum: - digitalSignature - keyEncipherment - nonRepudiation - dataEncipherment - keyAgreement - keyCertSign - cRLSign - encipherOnly - decipherOnly description: The key usage extension to be used on certificates issued for this subscriber to update to. extendedKeyUsages: type: array items: type: string enum: - clientAuth - serverAuth - codeSigning - emailProtection - timeStamping - ocspSigning description: The extended key usage extension to be used on certificates issued for this subscriber to update to. enableAutoRenewal: type: boolean description: Whether or not to enable auto renewal for the PKI subscriber. autoRenewalPeriodInDays: type: number minimum: 1 description: The period in days to auto renew the PKI subscriber's certificates. properties: type: object properties: azureTemplateType: type: string description: Azure ADCS Certificate Template Type organization: type: string minLength: 1 maxLength: 64 allOf: - pattern: ^[^,=+<>#;\\"\/\r\n\t]*$ - pattern: ^[^\\s\\-_.]+.*[^\\s\\-_.]+$|^[^\\s\\-_.]{1}$ description: Organization (O) - Maximum 64 characters, no special DN characters organizationalUnit: type: string minLength: 1 maxLength: 64 allOf: - pattern: ^[^,=+<>#;\\"\/\r\n\t]*$ - pattern: ^[^\\s\\-_.]+.*[^\\s\\-_.]+$|^[^\\s\\-_.]{1}$ description: Organizational Unit (OU) - Maximum 64 characters, no special DN characters country: type: string minLength: 2 maxLength: 2 pattern: ^[A-Z]{2}$ description: Country (C) - Two uppercase letter country code (e.g., US, CA, GB) state: type: string minLength: 1 maxLength: 64 allOf: - pattern: ^[^,=+<>#;\\"\/\r\n\t]*$ - pattern: ^[^\\s\\-_.]+.*[^\\s\\-_.]+$|^[^\\s\\-_.]{1}$ description: State/Province (ST) - Maximum 64 characters, no special DN characters locality: type: string minLength: 1 maxLength: 64 allOf: - pattern: ^[^,=+<>#;\\"\/\r\n\t]*$ - pattern: ^[^\\s\\-_.]+.*[^\\s\\-_.]+$|^[^\\s\\-_.]{1}$ description: Locality (L) - Maximum 64 characters, no special DN characters emailAddress: type: string format: email minLength: 6 maxLength: 64 description: Email Address - Valid email format between 6 and 64 characters additionalProperties: false description: Additional subscriber properties and subject fields required: - projectId additionalProperties: false parameters: - schema: type: string in: path name: subscriberName required: true description: The name of the PKI subscriber to update. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid projectId: type: string caId: type: string format: uuid nullable: true name: type: string commonName: type: string status: type: string subjectAlternativeNames: type: array items: type: string ttl: type: string nullable: true keyUsages: type: array items: type: string extendedKeyUsages: type: array items: type: string lastOperationStatus: type: string nullable: true lastOperationMessage: type: string nullable: true lastOperationAt: type: string format: date-time nullable: true enableAutoRenewal: type: boolean default: false autoRenewalPeriodInDays: type: number nullable: true lastAutoRenewAt: type: string format: date-time nullable: true properties: nullable: true supportsImmediateCertIssuance: type: boolean required: - id - projectId - name - commonName - status - subjectAlternativeNames - keyUsages - extendedKeyUsages additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - PKI Subscribers description: Delete PKI Subscriber requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project of the PKI subscriber to delete. required: - projectId additionalProperties: false parameters: - schema: type: string in: path name: subscriberName required: true description: The name of the PKI subscriber to delete. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid projectId: type: string caId: type: string format: uuid nullable: true name: type: string commonName: type: string status: type: string subjectAlternativeNames: type: array items: type: string ttl: type: string nullable: true keyUsages: type: array items: type: string extendedKeyUsages: type: array items: type: string lastOperationStatus: type: string nullable: true lastOperationMessage: type: string nullable: true lastOperationAt: type: string format: date-time nullable: true enableAutoRenewal: type: boolean default: false autoRenewalPeriodInDays: type: number nullable: true lastAutoRenewAt: type: string format: date-time nullable: true properties: nullable: true supportsImmediateCertIssuance: type: boolean required: - id - projectId - name - commonName - status - subjectAlternativeNames - keyUsages - extendedKeyUsages additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/subscribers: post: operationId: createPkiSubscriber tags: - PKI Subscribers description: Create PKI Subscriber requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project to create the PKI subscriber in. caId: type: string format: uuid minLength: 1 description: The ID of the CA that will issue certificates for the PKI subscriber. name: type: string minLength: 1 maxLength: 64 description: The name of the PKI subscriber. commonName: type: string minLength: 1 description: The common name (CN) to be used on certificates issued for this subscriber. status: type: string enum: - active - disabled default: active description: The status of the PKI subscriber. This can be one of active or disabled. ttl: type: string description: The time to live for the certificates issued for this subscriber such as 1m, 1h, 1d, 1y, ... subjectAlternativeNames: type: array items: type: string default: [] description: A list of Subject Alternative Names (SANs) to be used on certificates issued for this subscriber; these can be host names or email addresses. keyUsages: type: array items: type: string enum: - digitalSignature - keyEncipherment - nonRepudiation - dataEncipherment - keyAgreement - keyCertSign - cRLSign - encipherOnly - decipherOnly default: - digitalSignature - keyEncipherment description: The key usage extension to be used on certificates issued for this subscriber. extendedKeyUsages: type: array items: type: string enum: - clientAuth - serverAuth - codeSigning - emailProtection - timeStamping - ocspSigning default: [] description: The extended key usage extension to be used on certificates issued for this subscriber. enableAutoRenewal: type: boolean description: Whether or not to enable auto renewal for the PKI subscriber. autoRenewalPeriodInDays: type: number minimum: 1 description: The period in days to auto renew the PKI subscriber's certificates. properties: type: object properties: azureTemplateType: type: string description: Azure ADCS Certificate Template Type organization: type: string minLength: 1 maxLength: 64 allOf: - pattern: ^[^,=+<>#;\\"\/\r\n\t]*$ - pattern: ^[^\\s\\-_.]+.*[^\\s\\-_.]+$|^[^\\s\\-_.]{1}$ description: Organization (O) - Maximum 64 characters, no special DN characters organizationalUnit: type: string minLength: 1 maxLength: 64 allOf: - pattern: ^[^,=+<>#;\\"\/\r\n\t]*$ - pattern: ^[^\\s\\-_.]+.*[^\\s\\-_.]+$|^[^\\s\\-_.]{1}$ description: Organizational Unit (OU) - Maximum 64 characters, no special DN characters country: type: string minLength: 2 maxLength: 2 pattern: ^[A-Z]{2}$ description: Country (C) - Two uppercase letter country code (e.g., US, CA, GB) state: type: string minLength: 1 maxLength: 64 allOf: - pattern: ^[^,=+<>#;\\"\/\r\n\t]*$ - pattern: ^[^\\s\\-_.]+.*[^\\s\\-_.]+$|^[^\\s\\-_.]{1}$ description: State/Province (ST) - Maximum 64 characters, no special DN characters locality: type: string minLength: 1 maxLength: 64 allOf: - pattern: ^[^,=+<>#;\\"\/\r\n\t]*$ - pattern: ^[^\\s\\-_.]+.*[^\\s\\-_.]+$|^[^\\s\\-_.]{1}$ description: Locality (L) - Maximum 64 characters, no special DN characters emailAddress: type: string format: email minLength: 6 maxLength: 64 description: Email Address - Valid email format between 6 and 64 characters additionalProperties: false description: Additional subscriber properties and subject fields required: - projectId - caId - name - commonName additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid projectId: type: string caId: type: string format: uuid nullable: true name: type: string commonName: type: string status: type: string subjectAlternativeNames: type: array items: type: string ttl: type: string nullable: true keyUsages: type: array items: type: string extendedKeyUsages: type: array items: type: string lastOperationStatus: type: string nullable: true lastOperationMessage: type: string nullable: true lastOperationAt: type: string format: date-time nullable: true enableAutoRenewal: type: boolean default: false autoRenewalPeriodInDays: type: number nullable: true lastAutoRenewAt: type: string format: date-time nullable: true properties: nullable: true supportsImmediateCertIssuance: type: boolean required: - id - projectId - name - commonName - status - subjectAlternativeNames - keyUsages - extendedKeyUsages additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/subscribers/{subscriberName}/order-certificate: post: operationId: orderPkiSubscriberCertificate tags: - PKI Subscribers description: Order certificate requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project of the PKI subscriber to issue the certificate for. required: - projectId additionalProperties: false parameters: - schema: type: string in: path name: subscriberName required: true description: The name of the PKI subscriber to issue the certificate for. responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/subscribers/{subscriberName}/issue-certificate: post: operationId: issuePkiSubscriberCertificate tags: - PKI Subscribers description: Issue certificate requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project of the PKI subscriber to issue the certificate for. required: - projectId additionalProperties: false parameters: - schema: type: string in: path name: subscriberName required: true description: The name of the PKI subscriber to issue the certificate for. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The issued certificate. issuingCaCertificate: type: string description: The certificate of the issuing CA. certificateChain: type: string description: The certificate chain of the issued certificate. privateKey: type: string description: The private key of the issued certificate. serialNumber: type: string description: The serial number of the issued certificate. required: - certificate - issuingCaCertificate - certificateChain - privateKey - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/subscribers/{subscriberName}/sign-certificate: post: operationId: signPkiSubscriberCertificate tags: - PKI Subscribers description: Sign certificate requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project of the PKI subscriber to sign the certificate for. csr: type: string minLength: 1 maxLength: 3000 description: The CSR to be used to sign the certificate. required: - projectId - csr additionalProperties: false parameters: - schema: type: string in: path name: subscriberName required: true description: The name of the PKI subscriber to sign the certificate for. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The signed certificate. issuingCaCertificate: type: string description: The certificate of the issuing CA. certificateChain: type: string description: The certificate chain of the signed certificate. serialNumber: type: string description: The serial number of the issued certificate. required: - certificate - issuingCaCertificate - certificateChain - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/subscribers/{subscriberName}/latest-certificate-bundle: get: operationId: getPkiSubscriberLatestCertificateBundle tags: - PKI Subscribers description: Get latest certificate bundle of a subscriber parameters: - schema: type: string in: query name: projectId required: true description: The ID of the project to get the active certificate bundle for. - schema: type: string in: path name: subscriberName required: true description: The name of the PKI subscriber to get the active certificate bundle for. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string description: The active certificate for the subscriber. certificateChain: type: string nullable: true description: The certificate chain of the active certificate for the subscriber. privateKey: type: string description: The private key of the active certificate for the subscriber. serialNumber: type: string description: The serial number of the active certificate for the subscriber. required: - certificate - certificateChain - privateKey - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/subscribers/{subscriberName}/certificates: get: operationId: listPkiSubscriberCertificates tags: - PKI Subscribers description: List PKI Subscriber certificates parameters: - schema: type: string in: query name: projectId required: true description: The ID of the project of the PKI subscriber to list the certificates for. - schema: type: number minimum: 0 maximum: 100 default: 0 in: query name: offset required: false description: The offset to start from. - schema: type: number minimum: 1 maximum: 100 default: 25 in: query name: limit required: false description: The number of certificates to return. - schema: type: string in: path name: subscriberName required: true description: The name of the PKI subscriber to get. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificates: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time caId: type: string format: uuid nullable: true status: type: string serialNumber: type: string friendlyName: type: string commonName: type: string notBefore: type: string format: date-time notAfter: type: string format: date-time revokedAt: type: string format: date-time nullable: true revocationReason: type: number nullable: true altNames: type: string nullable: true caCertId: type: string format: uuid nullable: true certificateTemplateId: type: string format: uuid nullable: true keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true projectId: type: string pkiSubscriberId: type: string format: uuid nullable: true profileId: type: string format: uuid nullable: true renewBeforeDays: type: number nullable: true renewedFromCertificateId: type: string format: uuid nullable: true renewedByCertificateId: type: string format: uuid nullable: true renewalError: type: string nullable: true keyAlgorithm: type: string nullable: true signatureAlgorithm: type: string nullable: true subjectOrganization: type: string nullable: true subjectOrganizationalUnit: type: string nullable: true subjectCountry: type: string nullable: true subjectState: type: string nullable: true subjectLocality: type: string nullable: true fingerprintSha256: type: string nullable: true fingerprintSha1: type: string nullable: true isCA: type: boolean nullable: true pathLength: type: number nullable: true source: type: string nullable: true discoveryMetadata: nullable: true externalMetadata: nullable: true applicationId: type: string format: uuid nullable: true required: - id - createdAt - updatedAt - status - serialNumber - friendlyName - commonName - notBefore - notAfter - projectId additionalProperties: false totalCount: type: number required: - certificates - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/options: get: tags: - PKI Syncs description: List the available PKI Sync Options. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncOptions: type: array items: type: object properties: name: type: string connection: type: string enum: - github - github-radar - aws - databricks - gcp - azure-key-vault - azure-app-configuration - azure-client-secrets - azure-devops - azure-adcs - azure-dns - humanitec - terraform-cloud - vercel - postgres - mssql - mysql - camunda - windmill - auth0 - hashicorp-vault - ldap - teamcity - oci - oracledb - 1password - heroku - render - flyio - gitlab - cloudflare - dns-made-easy - zabbix - railway - bitbucket - checkly - supabase - digital-ocean - netlify - okta - redis - mongodb - laravel-forge - chef - northflank - octopus-deploy - ssh - dbt - smb - open-router - circleci - azure-entra-id - venafi - venafi-tpp - external-infisical - doppler - netscaler - anthropic - ovh - devin - ona - digicert - travis-ci - salesforce - snowflake - datadog - f5-big-ip - godaddy - convex destination: type: string enum: - azure-key-vault - aws-certificate-manager - aws-secrets-manager - aws-elastic-load-balancer - chef - cloudflare-custom-certificate - netscaler - f5-big-ip canImportCertificates: type: boolean canRemoveCertificates: type: boolean defaultCertificateNameSchema: type: string forbiddenCharacters: type: string allowedCharacterPattern: type: string maxCertificateNameLength: type: number minCertificateNameLength: type: number required: - name - connection - destination - canImportCertificates - canRemoveCertificates additionalProperties: false required: - pkiSyncOptions additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs: get: tags: - PKI Syncs description: List all the PKI Syncs for the specified project. parameters: - schema: type: string format: uuid in: query name: certificateId required: false - schema: type: string format: uuid in: query name: applicationId required: false responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true destination: type: string enum: - azure-key-vault - aws-certificate-manager - aws-secrets-manager - aws-elastic-load-balancer - chef - cloudflare-custom-certificate - netscaler - f5-big-ip isAutoSyncEnabled: type: boolean destinationConfig: type: object additionalProperties: {} syncOptions: type: object additionalProperties: {} projectId: type: string format: uuid applicationId: type: string format: uuid nullable: true subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true appConnectionName: type: string appConnectionApp: type: string connection: type: object properties: id: type: string name: type: string app: type: string encryptedCredentials: nullable: true orgId: type: string format: uuid projectId: type: string format: uuid nullable: true method: type: string description: type: string nullable: true version: type: number gatewayId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean nullable: true required: - id - name - app - orgId - method - version - createdAt - updatedAt additionalProperties: false subscriber: type: object properties: id: type: string name: type: string required: - id - name additionalProperties: false nullable: true hasCertificate: type: boolean required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt - appConnectionName - appConnectionApp - connection additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/{pkiSyncId}: get: tags: - PKI Syncs description: Get a PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true destination: type: string enum: - azure-key-vault - aws-certificate-manager - aws-secrets-manager - aws-elastic-load-balancer - chef - cloudflare-custom-certificate - netscaler - f5-big-ip isAutoSyncEnabled: type: boolean destinationConfig: type: object additionalProperties: {} syncOptions: type: object additionalProperties: {} projectId: type: string format: uuid applicationId: type: string format: uuid nullable: true subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true appConnectionName: type: string appConnectionApp: type: string connection: type: object properties: id: type: string name: type: string app: type: string encryptedCredentials: nullable: true orgId: type: string format: uuid projectId: type: string format: uuid nullable: true method: type: string description: type: string nullable: true version: type: number gatewayId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean nullable: true required: - id - name - app - orgId - method - version - createdAt - updatedAt additionalProperties: false subscriber: type: object properties: id: type: string name: type: string required: - id - name additionalProperties: false nullable: true hasCertificate: type: boolean required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt - appConnectionName - appConnectionApp - connection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/{pkiSyncId}/certificates: get: tags: - PKI Syncs description: List all certificates associated with a PKI Sync. parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false - schema: type: number minimum: 1 maximum: 100 default: 20 in: query name: limit required: false - schema: type: string format: uuid in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificates: type: array items: type: object properties: id: type: string format: uuid pkiSyncId: type: string format: uuid certificateId: type: string format: uuid syncStatus: type: string enum: - pending - syncing - succeeded - failed - running lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time certificateSerialNumber: type: string certificateCommonName: type: string certificateAltNames: type: string certificateStatus: type: string certificateNotBefore: type: string format: date-time certificateNotAfter: type: string format: date-time certificateRenewBeforeDays: type: number nullable: true certificateRenewalError: type: string nullable: true pkiSyncName: type: string pkiSyncDestination: type: string syncMetadata: type: object properties: isDefault: type: boolean additionalProperties: {} nullable: true required: - id - pkiSyncId - certificateId - syncStatus - createdAt - updatedAt additionalProperties: false totalCount: type: number required: - certificates - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - PKI Syncs description: Add certificates to a PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: certificateIds: type: array items: type: string format: uuid minItems: 1 required: - certificateIds additionalProperties: false parameters: - schema: type: string format: uuid in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: addedCertificates: type: array items: type: object properties: id: type: string format: uuid pkiSyncId: type: string format: uuid certificateId: type: string format: uuid syncStatus: type: string default: pending nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - pkiSyncId - certificateId - createdAt - updatedAt additionalProperties: false required: - addedCertificates additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - PKI Syncs description: Remove certificates from a PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: certificateIds: type: array items: type: string format: uuid minItems: 1 required: - certificateIds additionalProperties: false parameters: - schema: type: string format: uuid in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: removedCount: type: number required: - removedCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/azure-key-vault: get: tags: - PKI Syncs description: List the Azure Key Vault PKI Syncs for the specified project. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - azure-key-vault isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri required: - vaultBaseUrl additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false enableVersioning: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - PKI Syncs description: Create a Azure Key Vault PKI Sync for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean default: true destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri required: - vaultBaseUrl additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false enableVersioning: type: boolean default: true certificateNameSchema: type: string additionalProperties: false default: {} subscriberId: type: string nullable: true connectionId: type: string applicationId: type: string format: uuid certificateIds: type: array items: type: string format: uuid required: - name - destinationConfig - connectionId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - azure-key-vault isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri required: - vaultBaseUrl additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false enableVersioning: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/azure-key-vault/{pkiSyncId}: get: tags: - PKI Syncs description: Get the specified Azure Key Vault PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - azure-key-vault isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri required: - vaultBaseUrl additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false enableVersioning: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - PKI Syncs description: Update the specified Azure Key Vault PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri required: - vaultBaseUrl additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false enableVersioning: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string nullable: true connectionId: type: string additionalProperties: false parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - azure-key-vault isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri required: - vaultBaseUrl additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false enableVersioning: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - PKI Syncs description: Delete the specified Azure Key Vault PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - azure-key-vault isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri required: - vaultBaseUrl additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false enableVersioning: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/azure-key-vault/{pkiSyncId}/sync: post: tags: - PKI Syncs description: Trigger a sync for the specified Azure Key Vault PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/azure-key-vault/{pkiSyncId}/remove-certificates: post: tags: - PKI Syncs description: Remove certificates from the specified Azure Key Vault PKI Sync destination. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/aws-certificate-manager: get: tags: - PKI Syncs description: List the AWS Certificate Manager PKI Syncs for the specified project. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-certificate-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveArn: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - PKI Syncs description: Create a AWS Certificate Manager PKI Sync for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean default: true destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveArn: type: boolean default: true certificateNameSchema: type: string additionalProperties: false default: {} subscriberId: type: string nullable: true connectionId: type: string applicationId: type: string format: uuid certificateIds: type: array items: type: string format: uuid required: - name - destinationConfig - connectionId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-certificate-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveArn: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/aws-certificate-manager/{pkiSyncId}: get: tags: - PKI Syncs description: Get the specified AWS Certificate Manager PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-certificate-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveArn: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - PKI Syncs description: Update the specified AWS Certificate Manager PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveArn: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string nullable: true connectionId: type: string additionalProperties: false parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-certificate-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveArn: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - PKI Syncs description: Delete the specified AWS Certificate Manager PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-certificate-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveArn: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/aws-certificate-manager/{pkiSyncId}/sync: post: tags: - PKI Syncs description: Trigger a sync for the specified AWS Certificate Manager PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/aws-certificate-manager/{pkiSyncId}/remove-certificates: post: tags: - PKI Syncs description: Remove certificates from the specified AWS Certificate Manager PKI Sync destination. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/aws-secrets-manager: get: tags: - PKI Syncs description: List the AWS Secrets Manager PKI Syncs for the specified project. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-secrets-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 keyId: type: string required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveSecretOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - PKI Syncs description: Create a AWS Secrets Manager PKI Sync for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean default: true destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 keyId: type: string required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveSecretOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false default: {} subscriberId: type: string nullable: true connectionId: type: string applicationId: type: string format: uuid certificateIds: type: array items: type: string format: uuid required: - name - destinationConfig - connectionId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-secrets-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 keyId: type: string required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveSecretOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/aws-secrets-manager/{pkiSyncId}: get: tags: - PKI Syncs description: Get the specified AWS Secrets Manager PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-secrets-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 keyId: type: string required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveSecretOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - PKI Syncs description: Update the specified AWS Secrets Manager PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 keyId: type: string required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveSecretOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false subscriberId: type: string nullable: true connectionId: type: string additionalProperties: false parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-secrets-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 keyId: type: string required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveSecretOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - PKI Syncs description: Delete the specified AWS Secrets Manager PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-secrets-manager isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 keyId: type: string required: - region additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveSecretOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/aws-secrets-manager/{pkiSyncId}/sync: post: tags: - PKI Syncs description: Trigger a sync for the specified AWS Secrets Manager PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/aws-secrets-manager/{pkiSyncId}/remove-certificates: post: tags: - PKI Syncs description: Remove certificates from the specified AWS Secrets Manager PKI Sync destination. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/aws-elastic-load-balancer: get: tags: - PKI Syncs description: List the AWS Elastic Load Balancer PKI Syncs for the specified project. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-elastic-load-balancer isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 loadBalancerArn: type: string minLength: 1 listeners: type: array items: type: object properties: listenerArn: type: string minLength: 1 port: type: integer exclusiveMinimum: true minimum: 0 protocol: type: string minLength: 1 setAsDefault: type: boolean required: - listenerArn - port - protocol additionalProperties: false minItems: 1 required: - region - loadBalancerArn - listeners additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: false preserveArn: type: boolean default: true includeRootCa: type: boolean default: false certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - PKI Syncs description: Create a AWS Elastic Load Balancer PKI Sync for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean default: true destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 loadBalancerArn: type: string minLength: 1 listeners: type: array items: type: object properties: listenerArn: type: string minLength: 1 port: type: integer exclusiveMinimum: true minimum: 0 protocol: type: string minLength: 1 setAsDefault: type: boolean required: - listenerArn - port - protocol additionalProperties: false minItems: 1 required: - region - loadBalancerArn - listeners additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: false preserveArn: type: boolean default: true includeRootCa: type: boolean default: false certificateNameSchema: type: string additionalProperties: false default: {} subscriberId: type: string nullable: true connectionId: type: string applicationId: type: string format: uuid certificateIds: type: array items: type: string format: uuid required: - name - destinationConfig - connectionId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-elastic-load-balancer isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 loadBalancerArn: type: string minLength: 1 listeners: type: array items: type: object properties: listenerArn: type: string minLength: 1 port: type: integer exclusiveMinimum: true minimum: 0 protocol: type: string minLength: 1 setAsDefault: type: boolean required: - listenerArn - port - protocol additionalProperties: false minItems: 1 required: - region - loadBalancerArn - listeners additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: false preserveArn: type: boolean default: true includeRootCa: type: boolean default: false certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/aws-elastic-load-balancer/{pkiSyncId}: get: tags: - PKI Syncs description: Get the specified AWS Elastic Load Balancer PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-elastic-load-balancer isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 loadBalancerArn: type: string minLength: 1 listeners: type: array items: type: object properties: listenerArn: type: string minLength: 1 port: type: integer exclusiveMinimum: true minimum: 0 protocol: type: string minLength: 1 setAsDefault: type: boolean required: - listenerArn - port - protocol additionalProperties: false minItems: 1 required: - region - loadBalancerArn - listeners additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: false preserveArn: type: boolean default: true includeRootCa: type: boolean default: false certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - PKI Syncs description: Update the specified AWS Elastic Load Balancer PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 loadBalancerArn: type: string minLength: 1 listeners: type: array items: type: object properties: listenerArn: type: string minLength: 1 port: type: integer exclusiveMinimum: true minimum: 0 protocol: type: string minLength: 1 setAsDefault: type: boolean required: - listenerArn - port - protocol additionalProperties: false minItems: 1 required: - region - loadBalancerArn - listeners additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: false preserveArn: type: boolean default: true includeRootCa: type: boolean default: false certificateNameSchema: type: string additionalProperties: false subscriberId: type: string nullable: true connectionId: type: string additionalProperties: false parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-elastic-load-balancer isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 loadBalancerArn: type: string minLength: 1 listeners: type: array items: type: object properties: listenerArn: type: string minLength: 1 port: type: integer exclusiveMinimum: true minimum: 0 protocol: type: string minLength: 1 setAsDefault: type: boolean required: - listenerArn - port - protocol additionalProperties: false minItems: 1 required: - region - loadBalancerArn - listeners additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: false preserveArn: type: boolean default: true includeRootCa: type: boolean default: false certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - PKI Syncs description: Delete the specified AWS Elastic Load Balancer PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - aws-elastic-load-balancer isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 loadBalancerArn: type: string minLength: 1 listeners: type: array items: type: object properties: listenerArn: type: string minLength: 1 port: type: integer exclusiveMinimum: true minimum: 0 protocol: type: string minLength: 1 setAsDefault: type: boolean required: - listenerArn - port - protocol additionalProperties: false minItems: 1 required: - region - loadBalancerArn - listeners additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: false preserveArn: type: boolean default: true includeRootCa: type: boolean default: false certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/aws-elastic-load-balancer/{pkiSyncId}/sync: post: tags: - PKI Syncs description: Trigger a sync for the specified AWS Elastic Load Balancer PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/aws-elastic-load-balancer/{pkiSyncId}/remove-certificates: post: tags: - PKI Syncs description: Remove certificates from the specified AWS Elastic Load Balancer PKI Sync destination. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/aws-elastic-load-balancer/load-balancers: get: description: List AWS Elastic Load Balancers available for the specified connection and region. parameters: - schema: type: string format: uuid in: query name: connectionId required: true - schema: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 in: query name: region required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: loadBalancers: type: array items: type: object properties: loadBalancerArn: type: string loadBalancerName: type: string type: type: string enum: - application - network - gateway scheme: type: string state: type: string vpcId: type: string dnsName: type: string required: - loadBalancerArn - loadBalancerName - type - scheme - state additionalProperties: false required: - loadBalancers additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/aws-elastic-load-balancer/listeners: get: description: List HTTPS/TLS listeners for the specified AWS Elastic Load Balancer. parameters: - schema: type: string format: uuid in: query name: connectionId required: true - schema: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 in: query name: region required: true - schema: type: string minLength: 1 in: query name: loadBalancerArn required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: listeners: type: array items: type: object properties: listenerArn: type: string port: type: number protocol: type: string loadBalancerArn: type: string sslPolicy: type: string certificates: type: array items: type: object properties: certificateArn: type: string isDefault: type: boolean required: - certificateArn - isDefault additionalProperties: false required: - listenerArn - port - protocol - loadBalancerArn additionalProperties: false required: - listeners additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/aws-elastic-load-balancer/{pkiSyncId}/certificates/default: post: description: Set a certificate as the default for all listeners in this AWS ELB PKI Sync. This will trigger a sync immediately. requestBody: required: true content: application/json: schema: type: object properties: certificateId: type: string format: uuid required: - certificateId additionalProperties: false parameters: - schema: type: string format: uuid in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: description: Clear the default certificate for this AWS ELB PKI Sync. No certificate will be set as the default on listeners. This will trigger a sync immediately. parameters: - schema: type: string format: uuid in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/chef: get: tags: - PKI Syncs description: List the Chef PKI Syncs for the specified project. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - chef isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 255 required: - dataBagName additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - PKI Syncs description: Create a Chef PKI Sync for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean default: true destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 255 required: - dataBagName additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false default: {} subscriberId: type: string nullable: true connectionId: type: string applicationId: type: string format: uuid certificateIds: type: array items: type: string format: uuid required: - name - destinationConfig - connectionId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - chef isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 255 required: - dataBagName additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/chef/{pkiSyncId}: get: tags: - PKI Syncs description: Get the specified Chef PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - chef isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 255 required: - dataBagName additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - PKI Syncs description: Update the specified Chef PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 255 required: - dataBagName additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false subscriberId: type: string nullable: true connectionId: type: string additionalProperties: false parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - chef isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 255 required: - dataBagName additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - PKI Syncs description: Delete the specified Chef PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - chef isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 255 required: - dataBagName additionalProperties: false syncOptions: type: object properties: canImportCertificates: type: boolean default: false canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true updateExistingCertificates: type: boolean default: true certificateNameSchema: type: string fieldMappings: type: object properties: certificate: type: string minLength: 1 default: certificate privateKey: type: string minLength: 1 default: private_key certificateChain: type: string minLength: 1 default: certificate_chain caCertificate: type: string minLength: 1 default: ca_certificate additionalProperties: false default: certificate: certificate privateKey: private_key certificateChain: certificate_chain caCertificate: ca_certificate additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/chef/{pkiSyncId}/sync: post: tags: - PKI Syncs description: Trigger a sync for the specified Chef PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/chef/{pkiSyncId}/remove-certificates: post: tags: - PKI Syncs description: Remove certificates from the specified Chef PKI Sync destination. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/cloudflare-custom-certificate: get: tags: - PKI Syncs description: List the Cloudflare Custom SSL Certificate PKI Syncs for the specified project. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - cloudflare-custom-certificate isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: zoneId: type: string minLength: 1 required: - zoneId additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - PKI Syncs description: Create a Cloudflare Custom SSL Certificate PKI Sync for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean default: true destinationConfig: type: object properties: zoneId: type: string minLength: 1 required: - zoneId additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true certificateNameSchema: type: string additionalProperties: false default: {} subscriberId: type: string nullable: true connectionId: type: string applicationId: type: string format: uuid certificateIds: type: array items: type: string format: uuid required: - name - destinationConfig - connectionId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - cloudflare-custom-certificate isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: zoneId: type: string minLength: 1 required: - zoneId additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/cloudflare-custom-certificate/{pkiSyncId}: get: tags: - PKI Syncs description: Get the specified Cloudflare Custom SSL Certificate PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - cloudflare-custom-certificate isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: zoneId: type: string minLength: 1 required: - zoneId additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - PKI Syncs description: Update the specified Cloudflare Custom SSL Certificate PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: zoneId: type: string minLength: 1 required: - zoneId additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string nullable: true connectionId: type: string additionalProperties: false parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - cloudflare-custom-certificate isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: zoneId: type: string minLength: 1 required: - zoneId additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - PKI Syncs description: Delete the specified Cloudflare Custom SSL Certificate PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - cloudflare-custom-certificate isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: zoneId: type: string minLength: 1 required: - zoneId additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/cloudflare-custom-certificate/{pkiSyncId}/sync: post: tags: - PKI Syncs description: Trigger a sync for the specified Cloudflare Custom SSL Certificate PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/cloudflare-custom-certificate/{pkiSyncId}/remove-certificates: post: tags: - PKI Syncs description: Remove certificates from the specified Cloudflare Custom SSL Certificate PKI Sync destination. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/netscaler: get: tags: - PKI Syncs description: List the NetScaler PKI Syncs for the specified project. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - netscaler isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vserverName: type: string maxLength: 127 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - PKI Syncs description: Create a NetScaler PKI Sync for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean default: true destinationConfig: type: object properties: vserverName: type: string maxLength: 127 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false default: {} subscriberId: type: string nullable: true connectionId: type: string applicationId: type: string format: uuid certificateIds: type: array items: type: string format: uuid required: - name - destinationConfig - connectionId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - netscaler isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vserverName: type: string maxLength: 127 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/netscaler/{pkiSyncId}: get: tags: - PKI Syncs description: Get the specified NetScaler PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - netscaler isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vserverName: type: string maxLength: 127 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - PKI Syncs description: Update the specified NetScaler PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vserverName: type: string maxLength: 127 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string nullable: true connectionId: type: string additionalProperties: false parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - netscaler isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vserverName: type: string maxLength: 127 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - PKI Syncs description: Delete the specified NetScaler PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - netscaler isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: vserverName: type: string maxLength: 127 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/netscaler/{pkiSyncId}/sync: post: tags: - PKI Syncs description: Trigger a sync for the specified NetScaler PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/netscaler/{pkiSyncId}/remove-certificates: post: tags: - PKI Syncs description: Remove certificates from the specified NetScaler PKI Sync destination. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/f5-big-ip: get: tags: - PKI Syncs description: List the F5 BIG-IP PKI Syncs for the specified project. responses: '200': description: Default Response content: application/json: schema: type: object properties: pkiSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - f5-big-ip isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: partition: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ profileType: type: string enum: - none - client-ssl - server-ssl profileName: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ createProfileIfMissing: type: boolean parentProfile: type: string minLength: 1 maxLength: 511 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false required: - pkiSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - PKI Syncs description: Create a F5 BIG-IP PKI Sync for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean default: true destinationConfig: type: object properties: partition: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ profileType: type: string enum: - none - client-ssl - server-ssl profileName: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ createProfileIfMissing: type: boolean parentProfile: type: string minLength: 1 maxLength: 511 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false default: {} subscriberId: type: string nullable: true connectionId: type: string applicationId: type: string format: uuid certificateIds: type: array items: type: string format: uuid required: - name - destinationConfig - connectionId additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - f5-big-ip isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: partition: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ profileType: type: string enum: - none - client-ssl - server-ssl profileName: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ createProfileIfMissing: type: boolean parentProfile: type: string minLength: 1 maxLength: 511 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/f5-big-ip/{pkiSyncId}: get: tags: - PKI Syncs description: Get the specified F5 BIG-IP PKI Sync by ID. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - f5-big-ip isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: partition: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ profileType: type: string enum: - none - client-ssl - server-ssl profileName: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ createProfileIfMissing: type: boolean parentProfile: type: string minLength: 1 maxLength: 511 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - PKI Syncs description: Update the specified F5 BIG-IP PKI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: type: string isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: partition: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ profileType: type: string enum: - none - client-ssl - server-ssl profileName: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ createProfileIfMissing: type: boolean parentProfile: type: string minLength: 1 maxLength: 511 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false subscriberId: type: string nullable: true connectionId: type: string additionalProperties: false parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - f5-big-ip isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: partition: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ profileType: type: string enum: - none - client-ssl - server-ssl profileName: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ createProfileIfMissing: type: boolean parentProfile: type: string minLength: 1 maxLength: 511 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - PKI Syncs description: Delete the specified F5 BIG-IP PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string format: uuid name: type: string maxLength: 256 description: type: string nullable: true destination: type: string enum: - f5-big-ip isAutoSyncEnabled: type: boolean destinationConfig: type: object properties: partition: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ profileType: type: string enum: - none - client-ssl - server-ssl profileName: type: string minLength: 1 maxLength: 255 pattern: ^[a-zA-Z0-9._-]{1,255}$ createProfileIfMissing: type: boolean parentProfile: type: string minLength: 1 maxLength: 511 additionalProperties: false syncOptions: type: object properties: canRemoveCertificates: type: boolean default: true includeRootCa: type: boolean default: false preserveItemOnRenewal: type: boolean default: true certificateNameSchema: type: string additionalProperties: false projectId: type: string format: uuid subscriberId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true required: - id - name - destination - isAutoSyncEnabled - destinationConfig - syncOptions - projectId - connectionId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/f5-big-ip/{pkiSyncId}/sync: post: tags: - PKI Syncs description: Trigger a sync for the specified F5 BIG-IP PKI Sync. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/pki/syncs/f5-big-ip/{pkiSyncId}/remove-certificates: post: tags: - PKI Syncs description: Remove certificates from the specified F5 BIG-IP PKI Sync destination. parameters: - schema: type: string in: path name: pkiSyncId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/integration: post: operationId: createIntegration tags: - Integrations description: Create an integration to sync secrets. requestBody: required: true content: application/json: schema: type: object properties: integrationAuthId: type: string description: The ID of the integration auth object to link with integration. app: type: string description: The name of the external integration providers app entity that you want to sync secrets with. Used in Netlify, GitHub, Vercel integrations. isActive: type: boolean description: Whether the integration should be active or disabled. default: true appId: type: string description: The ID of the external integration providers app entity that you want to sync secrets with. Used in Netlify, GitHub, Vercel integrations. secretPath: type: string default: / description: The path of the secrets to sync secrets from. sourceEnvironment: type: string description: The environment to sync secret from. targetEnvironment: type: string description: The target environment of the integration provider. Used in cloudflare pages, TeamCity, Gitlab integrations. targetEnvironmentId: type: string description: The target environment ID of the integration provider. Used in cloudflare pages, teamcity, gitlab integrations. targetService: type: string description: The service based grouping identifier of the external provider. Used in Terraform cloud, Checkly, Railway and NorthFlank. targetServiceId: type: string description: The service based grouping identifier ID of the external provider. Used in Terraform cloud, Checkly, Railway and NorthFlank. owner: type: string description: External integration providers service entity owner. Used in Github. url: type: string format: uri description: The self-hosted URL of the platform to integrate with. path: type: string description: Path to save the synced secrets. Used by Gitlab, AWS Parameter Store, Vault. region: type: string description: AWS region to sync secrets to. scope: type: string description: Scope of the provider. Used by Github, Qovery. metadata: type: object properties: initialSyncBehavior: type: string description: Type of syncing behavoir with the integration. secretPrefix: type: string description: The prefix for the saved secret. Used by GCP. secretSuffix: type: string description: The suffix for the saved secret. Used by GCP. mappingBehavior: type: string enum: - one-to-one - many-to-one description: The mapping behavior of the integration. shouldAutoRedeploy: type: boolean description: Used by Render to trigger auto deploy. secretGCPLabel: type: object properties: labelName: type: string labelValue: type: string required: - labelName - labelValue additionalProperties: false description: The label for GCP secrets. secretAWSTag: type: array items: type: object properties: key: type: string value: type: string required: - key - value additionalProperties: false description: The tags for AWS secrets. azureLabel: type: string description: Define which label to assign to secrets created in Azure App Configuration. githubVisibility: anyOf: - type: string enum: - selected - type: string enum: - private - type: string enum: - all description: Define where the secrets from the Github Integration should be visible. Option 'selected' lets you directly define which repositories to sync secrets to. githubVisibilityRepoIds: type: array items: type: string description: The repository IDs to sync secrets to when using the Github Integration. Only applicable when using Organization scope, and visibility is set to 'selected'. kmsKeyId: type: string description: The ID of the encryption key from AWS KMS. shouldDisableDelete: type: boolean description: The flag to disable deletion of secrets in AWS Parameter Store. shouldEnableDelete: type: boolean description: The flag to enable deletion of secrets. shouldMaskSecrets: type: boolean description: Specifies if the secrets synced from Infisical to Gitlab should be marked as 'Masked'. shouldProtectSecrets: type: boolean description: Specifies if the secrets synced from Infisical to Gitlab should be marked as 'Protected'. metadataSyncMode: type: string enum: - custom - secret-metadata description: The mode for syncing metadata to external system octopusDeployScopeValues: type: object properties: Environment: type: array items: type: string Action: type: array items: type: string Channel: type: array items: type: string Machine: type: array items: type: string ProcessOwner: type: array items: type: string Role: type: array items: type: string additionalProperties: false description: Specifies the scope values to set on synced secrets to Octopus Deploy. additionalProperties: false default: {} required: - integrationAuthId - sourceEnvironment additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: integration: type: object properties: id: type: string format: uuid isActive: type: boolean url: type: string nullable: true app: type: string nullable: true appId: type: string nullable: true targetEnvironment: type: string nullable: true targetEnvironmentId: type: string nullable: true targetService: type: string nullable: true targetServiceId: type: string nullable: true owner: type: string nullable: true path: type: string nullable: true region: type: string nullable: true scope: type: string nullable: true integration: type: string metadata: nullable: true integrationAuthId: type: string format: uuid envId: type: string format: uuid secretPath: type: string default: / createdAt: type: string format: date-time updatedAt: type: string format: date-time lastUsed: type: string format: date-time nullable: true isSynced: type: boolean nullable: true syncMessage: type: string nullable: true lastSyncJobId: type: string nullable: true environment: type: object properties: slug: type: string name: type: string id: type: string required: - slug - name - id additionalProperties: false required: - id - isActive - integration - integrationAuthId - envId - createdAt - updatedAt - environment additionalProperties: false required: - integration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/integration/{integrationId}: patch: operationId: updateIntegration tags: - Integrations description: Update an integration by integration id requestBody: required: true content: application/json: schema: type: object properties: app: type: string description: The name of the external integration providers app entity that you want to sync secrets with. Used in Netlify, GitHub, Vercel integrations. appId: type: string description: The ID of the external integration providers app entity that you want to sync secrets with. Used in Netlify, GitHub, Vercel integrations. isActive: type: boolean description: Whether the integration should be active or disabled. secretPath: type: string default: / description: The path of the secrets to sync secrets from. targetEnvironment: type: string description: The target environment of the integration provider. Used in cloudflare pages, TeamCity, Gitlab integrations. owner: type: string description: External integration providers service entity owner. Used in Github. environment: type: string description: The environment to sync secrets from. path: type: string description: Path to save the synced secrets. Used by Gitlab, AWS Parameter Store, Vault. metadata: type: object properties: initialSyncBehavior: type: string description: Type of syncing behavoir with the integration. secretPrefix: type: string description: The prefix for the saved secret. Used by GCP. secretSuffix: type: string description: The suffix for the saved secret. Used by GCP. mappingBehavior: type: string enum: - one-to-one - many-to-one description: The mapping behavior of the integration. shouldAutoRedeploy: type: boolean description: Used by Render to trigger auto deploy. secretGCPLabel: type: object properties: labelName: type: string labelValue: type: string required: - labelName - labelValue additionalProperties: false description: The label for GCP secrets. secretAWSTag: type: array items: type: object properties: key: type: string value: type: string required: - key - value additionalProperties: false description: The tags for AWS secrets. azureLabel: type: string description: Define which label to assign to secrets created in Azure App Configuration. githubVisibility: anyOf: - type: string enum: - selected - type: string enum: - private - type: string enum: - all description: Define where the secrets from the Github Integration should be visible. Option 'selected' lets you directly define which repositories to sync secrets to. githubVisibilityRepoIds: type: array items: type: string description: The repository IDs to sync secrets to when using the Github Integration. Only applicable when using Organization scope, and visibility is set to 'selected'. kmsKeyId: type: string description: The ID of the encryption key from AWS KMS. shouldDisableDelete: type: boolean description: The flag to disable deletion of secrets in AWS Parameter Store. shouldEnableDelete: type: boolean description: The flag to enable deletion of secrets. shouldMaskSecrets: type: boolean description: Specifies if the secrets synced from Infisical to Gitlab should be marked as 'Masked'. shouldProtectSecrets: type: boolean description: Specifies if the secrets synced from Infisical to Gitlab should be marked as 'Protected'. metadataSyncMode: type: string enum: - custom - secret-metadata description: The mode for syncing metadata to external system octopusDeployScopeValues: type: object properties: Environment: type: array items: type: string Action: type: array items: type: string Channel: type: array items: type: string Machine: type: array items: type: string ProcessOwner: type: array items: type: string Role: type: array items: type: string additionalProperties: false description: Specifies the scope values to set on synced secrets to Octopus Deploy. additionalProperties: false region: type: string description: AWS region to sync secrets to. additionalProperties: false parameters: - schema: type: string in: path name: integrationId required: true description: The ID of the integration object. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: integration: type: object properties: id: type: string format: uuid isActive: type: boolean url: type: string nullable: true app: type: string nullable: true appId: type: string nullable: true targetEnvironment: type: string nullable: true targetEnvironmentId: type: string nullable: true targetService: type: string nullable: true targetServiceId: type: string nullable: true owner: type: string nullable: true path: type: string nullable: true region: type: string nullable: true scope: type: string nullable: true integration: type: string metadata: nullable: true integrationAuthId: type: string format: uuid envId: type: string format: uuid secretPath: type: string default: / createdAt: type: string format: date-time updatedAt: type: string format: date-time lastUsed: type: string format: date-time nullable: true isSynced: type: boolean nullable: true syncMessage: type: string nullable: true lastSyncJobId: type: string nullable: true environment: type: object properties: slug: type: string name: type: string id: type: string required: - slug - name - id additionalProperties: false required: - id - isActive - integration - integrationAuthId - envId - createdAt - updatedAt - environment additionalProperties: false required: - integration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getIntegration tags: - Integrations description: Get an integration by integration id parameters: - schema: type: string in: path name: integrationId required: true description: The ID of the integration object. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: integration: type: object properties: id: type: string format: uuid isActive: type: boolean url: type: string nullable: true app: type: string nullable: true appId: type: string nullable: true targetEnvironment: type: string nullable: true targetEnvironmentId: type: string nullable: true targetService: type: string nullable: true targetServiceId: type: string nullable: true owner: type: string nullable: true path: type: string nullable: true region: type: string nullable: true scope: type: string nullable: true integration: type: string metadata: nullable: true integrationAuthId: type: string format: uuid envId: type: string format: uuid secretPath: type: string default: / createdAt: type: string format: date-time updatedAt: type: string format: date-time lastUsed: type: string format: date-time nullable: true isSynced: type: boolean nullable: true syncMessage: type: string nullable: true lastSyncJobId: type: string nullable: true environment: type: object properties: slug: type: string name: type: string id: type: string required: - slug - name - id additionalProperties: false required: - id - isActive - integration - integrationAuthId - envId - createdAt - updatedAt - environment additionalProperties: false required: - integration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteIntegration tags: - Integrations description: Remove an integration using the integration object ID parameters: - schema: type: string enum: - 'true' - 'false' in: query name: shouldDeleteIntegrationSecrets required: false - schema: type: string in: path name: integrationId required: true description: The ID of the integration object. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: integration: type: object properties: id: type: string format: uuid isActive: type: boolean url: type: string nullable: true app: type: string nullable: true appId: type: string nullable: true targetEnvironment: type: string nullable: true targetEnvironmentId: type: string nullable: true targetService: type: string nullable: true targetServiceId: type: string nullable: true owner: type: string nullable: true path: type: string nullable: true region: type: string nullable: true scope: type: string nullable: true integration: type: string metadata: nullable: true integrationAuthId: type: string format: uuid envId: type: string format: uuid secretPath: type: string default: / createdAt: type: string format: date-time updatedAt: type: string format: date-time lastUsed: type: string format: date-time nullable: true isSynced: type: boolean nullable: true syncMessage: type: string nullable: true lastSyncJobId: type: string nullable: true required: - id - isActive - integration - integrationAuthId - envId - createdAt - updatedAt additionalProperties: false required: - integration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/integration/{integrationId}/sync: post: operationId: syncIntegration tags: - Integrations description: Manually trigger sync of an integration by integration id parameters: - schema: type: string in: path name: integrationId required: true description: The ID of the integration object to manually sync. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: integration: type: object properties: id: type: string format: uuid isActive: type: boolean url: type: string nullable: true app: type: string nullable: true appId: type: string nullable: true targetEnvironment: type: string nullable: true targetEnvironmentId: type: string nullable: true targetService: type: string nullable: true targetServiceId: type: string nullable: true owner: type: string nullable: true path: type: string nullable: true region: type: string nullable: true scope: type: string nullable: true integration: type: string metadata: nullable: true integrationAuthId: type: string format: uuid envId: type: string format: uuid secretPath: type: string default: / createdAt: type: string format: date-time updatedAt: type: string format: date-time lastUsed: type: string format: date-time nullable: true isSynced: type: boolean nullable: true syncMessage: type: string nullable: true lastSyncJobId: type: string nullable: true required: - id - isActive - integration - integrationAuthId - envId - createdAt - updatedAt additionalProperties: false required: - integration additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/integration-auth/integration-options: get: tags: - Integrations description: List of integrations available. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: integrationOptions: type: array items: type: object properties: name: type: string slug: type: string syncSlug: type: string clientSlug: type: string image: type: string isAvailable: type: boolean type: type: string clientId: type: string docsLink: type: string required: - name - slug - image - type additionalProperties: false required: - integrationOptions additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/integration-auth/{integrationAuthId}: get: operationId: getIntegrationAuth tags: - Integrations description: Get details of an integration authorization by auth object id. parameters: - schema: type: string in: path name: integrationAuthId required: true description: The ID of integration authentication object. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: integrationAuth: type: object properties: id: type: string format: uuid projectId: type: string integration: type: string teamId: type: string nullable: true url: type: string nullable: true namespace: type: string nullable: true accountId: type: string nullable: true metadata: nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - integration - createdAt - updatedAt additionalProperties: false required: - integrationAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateIntegrationAuth tags: - Integrations description: Update the integration authentication object required for syncing secrets. requestBody: required: true content: application/json: schema: type: object properties: integration: type: string enum: - azure-key-vault - aws-parameter-store - aws-secret-manager - gcp-secret-manager - heroku - vercel - netlify - github - gitlab - render - railway - flyio - laravel-forge - circleci - databricks - travisci - teamcity - supabase - checkly - qovery - terraform-cloud - hashicorp-vault - cloudflare-pages - cloudflare-workers - bitbucket - codefresh - windmill - digital-ocean-app-platform - cloud-66 - northflank - hasura-cloud - rundeck - azure-devops - azure-app-configuration - octopus-deploy description: The slug of integration for the auth object. accessId: type: string description: The unique authorized access ID of the external integration provider. accessToken: type: string description: The unique authorized access token of the external integration provider. awsAssumeIamRoleArn: type: string format: uri description: The AWS IAM Role to be assumed by Infisical. url: type: string format: uri namespace: type: string refreshToken: type: string description: The refresh token for integration authorization. additionalProperties: false parameters: - schema: type: string in: path name: integrationAuthId required: true description: The ID of integration authentication object to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: integrationAuth: type: object properties: id: type: string format: uuid projectId: type: string integration: type: string teamId: type: string nullable: true url: type: string nullable: true namespace: type: string nullable: true accountId: type: string nullable: true metadata: nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - integration - createdAt - updatedAt additionalProperties: false required: - integrationAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteIntegrationAuth tags: - Integrations description: Remove an integration auth object by object id. parameters: - schema: type: string in: path name: integrationAuthId required: true description: The ID of integration authentication object to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: integrationAuth: type: object properties: id: type: string format: uuid projectId: type: string integration: type: string teamId: type: string nullable: true url: type: string nullable: true namespace: type: string nullable: true accountId: type: string nullable: true metadata: nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - integration - createdAt - updatedAt additionalProperties: false required: - integrationAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/integration-auth: delete: operationId: deleteIntegrationAuths tags: - Integrations description: Remove all integration's auth object from the project. parameters: - schema: type: string in: query name: integration required: true description: The slug of the integration to be unauthorized. - schema: type: string in: query name: projectId required: true description: The ID of the project to delete the integration auth from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: integrationAuth: type: array items: type: object properties: id: type: string format: uuid projectId: type: string integration: type: string teamId: type: string nullable: true url: type: string nullable: true namespace: type: string nullable: true accountId: type: string nullable: true metadata: nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - integration - createdAt - updatedAt additionalProperties: false required: - integrationAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/integration-auth/access-token: post: operationId: createIntegrationAuth tags: - Integrations description: Create the integration authentication object required for syncing secrets. requestBody: required: true content: application/json: schema: type: object properties: workspaceId: type: string description: The ID of the project to create the integration auth for. integration: type: string description: The slug of integration for the auth object. accessId: type: string description: The unique authorized access ID of the external integration provider. accessToken: type: string description: The unique authorized access token of the external integration provider. awsAssumeIamRoleArn: type: string format: uri description: The AWS IAM Role to be assumed by Infisical. url: type: string format: uri namespace: type: string refreshToken: type: string description: The refresh token for integration authorization. required: - workspaceId - integration additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: integrationAuth: type: object properties: id: type: string format: uuid projectId: type: string integration: type: string teamId: type: string nullable: true url: type: string nullable: true namespace: type: string nullable: true accountId: type: string nullable: true metadata: nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - integration - createdAt - updatedAt additionalProperties: false required: - integrationAuth additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/identities: post: operationId: createMachineIdentity tags: - Identities description: Create machine identity requestBody: required: true content: application/json: schema: type: object properties: name: type: string description: The name of the identity to create. organizationId: type: string description: The organization ID to which the identity belongs. role: type: string minLength: 1 default: no-access description: The role of the identity. Possible values are 'no-access', 'member', and 'admin'. hasDeleteProtection: type: boolean default: false description: Prevents deletion of the identity when enabled. metadata: type: array items: type: object properties: key: type: string minLength: 1 value: type: string minLength: 1 required: - key - value additionalProperties: false required: - name - organizationId additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identity: type: object properties: id: type: string format: uuid name: type: string authMethod: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time hasDeleteProtection: type: boolean default: false orgId: type: string format: uuid projectId: type: string nullable: true authMethods: type: array items: type: string metadata: type: array items: type: object properties: id: type: string key: type: string value: type: string required: - id - key - value additionalProperties: false required: - id - name - createdAt - updatedAt - orgId - authMethods - metadata additionalProperties: false required: - identity additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listMachineIdentities tags: - Identities description: List machine identities parameters: - schema: type: string in: query name: orgId required: true description: The ID of the organization to list identities. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identities: type: array items: type: object properties: id: type: string format: uuid role: type: string roleId: type: string format: uuid nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid lastLoginAuthMethod: type: string nullable: true lastLoginTime: type: string format: date-time nullable: true customRole: type: object properties: id: type: string format: uuid name: type: string slug: type: string permissions: {} description: type: string nullable: true required: - id - name - slug additionalProperties: false identity: type: object properties: name: type: string id: type: string format: uuid hasDeleteProtection: type: boolean default: false authMethods: type: array items: type: string required: - name - id - authMethods additionalProperties: false required: - id - role - orgId - createdAt - updatedAt - identityId - identity additionalProperties: false totalCount: type: number required: - identities - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/identities/{identityId}: patch: operationId: updateMachineIdentity tags: - Identities description: Update machine identity requestBody: required: true content: application/json: schema: type: object properties: name: type: string description: The new name of the identity. role: type: string minLength: 1 description: The new role of the identity. hasDeleteProtection: type: boolean description: Prevents deletion of the identity when enabled. metadata: type: array items: type: object properties: key: type: string minLength: 1 value: type: string minLength: 1 required: - key - value additionalProperties: false additionalProperties: false parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identity: type: object properties: id: type: string format: uuid name: type: string authMethod: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time hasDeleteProtection: type: boolean default: false orgId: type: string format: uuid projectId: type: string nullable: true metadata: type: array items: type: object properties: id: type: string key: type: string value: type: string required: - id - key - value additionalProperties: false required: - id - name - createdAt - updatedAt - orgId - metadata additionalProperties: false required: - identity additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteMachineIdentity tags: - Identities description: Delete machine identity parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identity: type: object properties: id: type: string format: uuid name: type: string authMethod: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time hasDeleteProtection: type: boolean default: false orgId: type: string format: uuid projectId: type: string nullable: true required: - id - name - createdAt - updatedAt - orgId additionalProperties: false required: - identity additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getMachineIdentityById tags: - Identities description: Get a machine identity by id parameters: - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to get details. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identity: type: object properties: id: type: string format: uuid role: type: string roleId: type: string format: uuid nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid lastLoginAuthMethod: type: string nullable: true lastLoginTime: type: string format: date-time nullable: true metadata: type: array items: type: object properties: id: type: string minLength: 1 key: type: string minLength: 1 value: type: string minLength: 1 required: - id - key - value additionalProperties: false customRole: type: object properties: id: type: string format: uuid name: type: string slug: type: string permissions: {} description: type: string nullable: true required: - id - name - slug additionalProperties: false identity: type: object properties: name: type: string id: type: string format: uuid hasDeleteProtection: type: boolean default: false orgId: type: string format: uuid authMethods: type: array items: type: string activeLockoutAuthMethods: type: array items: type: string required: - name - id - orgId - authMethods - activeLockoutAuthMethods additionalProperties: false required: - id - role - orgId - createdAt - updatedAt - identityId - identity additionalProperties: false required: - identity additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/identities/search: post: operationId: searchMachineIdentities tags: - Identities description: Search machine identities requestBody: required: true content: application/json: schema: type: object properties: orderBy: type: string enum: - name - role default: name description: The column to order identities by. orderDirection: type: string enum: - asc - desc default: asc description: The direction to order identities in. limit: type: number maximum: 100 default: 50 description: The number of identities to return. offset: type: number default: 0 description: The offset to start from. If you enter 10, it will start from the 10th identity. search: type: object properties: name: anyOf: - type: string maxLength: 255 - type: object properties: $eq: type: string maxLength: 255 $contains: type: string maxLength: 255 $in: type: array items: type: string maxLength: 255 additionalProperties: false description: The name of the identity to filter by. role: anyOf: - type: string maxLength: 255 - type: object properties: $eq: type: string maxLength: 255 $in: type: array items: type: string maxLength: 255 additionalProperties: false description: The organizational role of the identity to filter by. $or: type: array items: type: object properties: name: anyOf: - type: string maxLength: 255 - type: object properties: $eq: type: string maxLength: 255 $contains: type: string maxLength: 255 $in: type: array items: type: string maxLength: 255 additionalProperties: false description: The name of the identity to filter by. role: anyOf: - type: string maxLength: 255 - type: object properties: $eq: type: string maxLength: 255 $in: type: array items: type: string maxLength: 255 additionalProperties: false description: The organizational role of the identity to filter by. additionalProperties: false description: The filters to apply to the search. maxItems: 5 additionalProperties: false description: The filters to apply to the search. additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identities: type: array items: type: object properties: id: type: string format: uuid role: type: string roleId: type: string format: uuid nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid lastLoginAuthMethod: type: string nullable: true lastLoginTime: type: string format: date-time nullable: true customRole: type: object properties: id: type: string format: uuid name: type: string slug: type: string permissions: {} description: type: string nullable: true required: - id - name - slug additionalProperties: false identity: type: object properties: name: type: string id: type: string format: uuid hasDeleteProtection: type: boolean default: false orgId: type: string format: uuid authMethods: type: array items: type: string activeLockoutAuthMethods: type: array items: type: string required: - name - id - orgId - authMethods - activeLockoutAuthMethods additionalProperties: false required: - id - role - orgId - createdAt - updatedAt - identityId - identity additionalProperties: false totalCount: type: number required: - identities - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/shared-secrets: get: operationId: listSharedSecrets tags: - Secret Sharing description: List all shared secrets created by the authenticated user or identity in their current organization. parameters: - schema: type: number minimum: 0 maximum: 100 default: 0 in: query name: offset required: false description: The offset to start listing shared secrets from. Used for pagination. - schema: type: number minimum: 1 maximum: 100 default: 25 in: query name: limit required: false description: The maximum number of shared secrets to return. Max is 100. responses: '200': description: Default Response content: application/json: schema: type: object properties: secrets: type: array items: type: object properties: id: type: string expiresAt: type: string format: date-time userId: type: string format: uuid nullable: true orgId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time expiresAfterViews: type: number nullable: true accessType: type: string default: anyone name: type: string nullable: true lastViewedAt: type: string format: date-time nullable: true type: type: string default: share authorizedEmails: nullable: true identityId: type: string format: uuid nullable: true allowExternalEmails: type: boolean default: false nullable: true required: - id - expiresAt - createdAt - updatedAt additionalProperties: false totalCount: type: number required: - secrets - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createSharedSecret tags: - Secret Sharing description: Create a new shared secret that can be accessed by a link. requestBody: required: true content: application/json: schema: type: object properties: name: type: string maxLength: 50 description: An optional name for the shared secret for easier identification. password: type: string description: An optional password to protect the shared secret. Recipients will need to provide this password to access the secret. secretValue: type: string maxLength: 10000 description: The secret value to share. expiresIn: type: string default: 30d description: The duration after which the shared secret will expire. Accepts formats like '30d', '24h', '1w'. Maximum is 30 days, minimum is 5 minutes. maxViews: type: number minimum: 1 description: The maximum number of times the shared secret can be viewed before it expires. If not provided, unlimited views are allowed. accessType: type: string enum: - anyone - organization default: organization description: Determines who can access the shared secret. 'organization' restricts access to users within your organization. 'anyone' allows access to anyone with the link. Defaults to 'organization'. authorizedEmails: type: array items: type: string format: email maxItems: 100 description: An optional array of email addresses to share the secret with. Maximum 100 emails. Organization members in the list get direct access. When allowExternalEmails is enabled, non-member emails are also accepted and recipients will receive the secret link via email, but must use the password to access it. allowExternalEmails: type: boolean description: When true, allows sharing with email addresses that do not belong to Infisical. A password is required when this option is enabled. External recipients will receive the secret link via email and must enter the password to access it. required: - secretValue additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string expiresAt: type: string format: date-time userId: type: string format: uuid nullable: true orgId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time expiresAfterViews: type: number nullable: true accessType: type: string default: anyone name: type: string nullable: true lastViewedAt: type: string format: date-time nullable: true type: type: string default: share authorizedEmails: nullable: true identityId: type: string format: uuid nullable: true allowExternalEmails: type: boolean default: false nullable: true sharedSecretLink: type: string required: - id - expiresAt - createdAt - updatedAt - sharedSecretLink additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/shared-secrets/{id}: get: operationId: getSharedSecretById tags: - Secret Sharing description: Returns the full shared secret object without revealing the secret value. Authentication is required for shared secrets that are scoped to an organization. parameters: - schema: type: string in: path name: id required: true description: The ID of the shared secret to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string expiresAt: type: string format: date-time userId: type: string format: uuid nullable: true orgId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time expiresAfterViews: type: number nullable: true accessType: type: string default: anyone name: type: string nullable: true lastViewedAt: type: string format: date-time nullable: true type: type: string default: share identityId: type: string format: uuid nullable: true isPasswordProtected: type: boolean description: Whether the shared secret is protected by a password. isAuthorizedUser: type: boolean description: Whether the current user is an authorized org member. If false, the user must provide a password. required: - id - expiresAt - createdAt - updatedAt - isPasswordProtected - isAuthorizedUser additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteSharedSecret tags: - Secret Sharing description: Delete a shared secret by its ID. parameters: - schema: type: string in: path name: id required: true description: The ID of the shared secret to delete. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string expiresAt: type: string format: date-time userId: type: string format: uuid nullable: true orgId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time expiresAfterViews: type: number nullable: true accessType: type: string default: anyone name: type: string nullable: true lastViewedAt: type: string format: date-time nullable: true type: type: string default: share authorizedEmails: nullable: true identityId: type: string format: uuid nullable: true allowExternalEmails: type: boolean default: false nullable: true required: - id - expiresAt - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/shared-secrets/{id}/access: post: operationId: accessSharedSecret tags: - Secret Sharing description: Access a shared secret by its ID. If the secret is password protected, you must provide the password in the request body. Returns the secret value if access is granted, or an error if access is denied. The endpoint requires authentication if the shared secret is scoped to an organization. requestBody: required: true content: application/json: schema: type: object properties: password: type: string description: The password for accessing a password-protected shared secret. Only required if the secret is password protected. additionalProperties: false parameters: - schema: type: string in: path name: id required: true description: The ID of the shared secret to access. responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string expiresAt: type: string format: date-time userId: type: string format: uuid nullable: true orgId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time expiresAfterViews: type: number nullable: true accessType: type: string default: anyone name: type: string nullable: true lastViewedAt: type: string format: date-time nullable: true type: type: string default: share authorizedEmails: nullable: true identityId: type: string format: uuid nullable: true allowExternalEmails: type: boolean default: false nullable: true orgName: type: string secretValue: type: string required: - id - expiresAt - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/kms/keys: post: operationId: createKmsKey tags: - KMS Keys description: Create KMS key requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project to create the key in. name: type: string minLength: 1 maxLength: 32 description: The name of the key to be created. Must be slug-friendly. description: type: string maxLength: 500 description: An optional description of the key. keyUsage: type: string enum: - encrypt-decrypt - sign-verify default: encrypt-decrypt description: The type of key to be created, either encrypt-decrypt or sign-verify, based on your intended use for the key. encryptionAlgorithm: type: string enum: - aes-256-gcm - aes-128-gcm - RSA_4096 - ECC_NIST_P256 - ECC_NIST_P384 - ECC_NIST_P521 - ML_DSA_44 - ML_DSA_65 - ML_DSA_87 default: aes-256-gcm description: The algorithm to use when performing cryptographic operations with the key. required: - projectId - name additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: key: type: object properties: id: type: string format: uuid description: type: string nullable: true isDisabled: type: boolean default: false nullable: true orgId: type: string format: uuid name: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string nullable: true keyUsage: type: string default: encrypt-decrypt kmipMetadata: nullable: true version: type: number default: 1 encryptionAlgorithm: type: string required: - id - orgId - name - createdAt - updatedAt - encryptionAlgorithm additionalProperties: false required: - key additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listKmsKeys tags: - KMS Keys description: List KMS keys parameters: - schema: type: string in: query name: projectId required: true description: The ID of the project to list keys from. - schema: type: number minimum: 0 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th key. - schema: type: number minimum: 1 maximum: 100 default: 100 in: query name: limit required: false description: The number of keys to return. - schema: type: string enum: - name default: name in: query name: orderBy required: false description: The column to order keys by. - schema: type: string enum: - asc - desc default: asc in: query name: orderDirection required: false description: The direction to order keys in. - schema: type: string in: query name: search required: false description: The text string to filter key names by. responses: '200': description: Default Response content: application/json: schema: type: object properties: keys: type: array items: type: object properties: id: type: string format: uuid description: type: string nullable: true isDisabled: type: boolean default: false nullable: true orgId: type: string format: uuid name: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string nullable: true keyUsage: type: string default: encrypt-decrypt kmipMetadata: nullable: true version: type: number default: 1 encryptionAlgorithm: type: string required: - id - orgId - name - createdAt - updatedAt - encryptionAlgorithm additionalProperties: false totalCount: type: number required: - keys - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/kms/keys/{keyId}: patch: operationId: updateKmsKey tags: - KMS Keys description: Update KMS key requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 32 description: The updated name of this key. Must be slug-friendly. isDisabled: type: boolean description: The flag to enable or disable this key. description: type: string maxLength: 500 description: The updated description of this key. additionalProperties: false parameters: - schema: type: string format: uuid in: path name: keyId required: true description: The ID of the key to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: key: type: object properties: id: type: string format: uuid description: type: string nullable: true isDisabled: type: boolean default: false nullable: true orgId: type: string format: uuid name: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string nullable: true keyUsage: type: string default: encrypt-decrypt kmipMetadata: nullable: true version: type: number default: 1 encryptionAlgorithm: type: string required: - id - orgId - name - createdAt - updatedAt - encryptionAlgorithm additionalProperties: false required: - key additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteKmsKey tags: - KMS Keys description: Delete KMS key parameters: - schema: type: string format: uuid in: path name: keyId required: true description: The ID of the key to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: key: type: object properties: id: type: string format: uuid description: type: string nullable: true isDisabled: type: boolean default: false nullable: true orgId: type: string format: uuid name: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string nullable: true keyUsage: type: string default: encrypt-decrypt kmipMetadata: nullable: true version: type: number default: 1 encryptionAlgorithm: type: string required: - id - orgId - name - createdAt - updatedAt - encryptionAlgorithm additionalProperties: false required: - key additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getKmsKeyById tags: - KMS Keys description: Get KMS key by ID parameters: - schema: type: string format: uuid in: path name: keyId required: true description: The ID of the KMS key to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: key: type: object properties: id: type: string format: uuid description: type: string nullable: true isDisabled: type: boolean default: false nullable: true orgId: type: string format: uuid name: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string nullable: true keyUsage: type: string default: encrypt-decrypt kmipMetadata: nullable: true version: type: number default: 1 encryptionAlgorithm: type: string required: - id - orgId - name - createdAt - updatedAt - encryptionAlgorithm additionalProperties: false required: - key additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/kms/keys/key-name/{keyName}: get: operationId: getKmsKeyByName tags: - KMS Keys description: Get KMS key by name parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the key belongs to. - schema: type: string minLength: 1 maxLength: 64 in: path name: keyName required: true description: The name of the KMS key to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: key: type: object properties: id: type: string format: uuid description: type: string nullable: true isDisabled: type: boolean default: false nullable: true orgId: type: string format: uuid name: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string nullable: true keyUsage: type: string default: encrypt-decrypt kmipMetadata: nullable: true version: type: number default: 1 encryptionAlgorithm: type: string required: - id - orgId - name - createdAt - updatedAt - encryptionAlgorithm additionalProperties: false required: - key additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/kms/keys/{keyId}/encrypt: post: operationId: encryptWithKmsKey tags: - KMS Encryption description: Encrypt data with KMS key requestBody: required: true content: application/json: schema: type: object properties: plaintext: type: string description: The plaintext to be encrypted (base64 encoded). required: - plaintext additionalProperties: false parameters: - schema: type: string format: uuid in: path name: keyId required: true description: The ID of the key to encrypt the data with. responses: '200': description: Default Response content: application/json: schema: type: object properties: ciphertext: type: string required: - ciphertext additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/kms/keys/{keyId}/public-key: get: operationId: getKmsKeyPublicKey tags: - KMS Signing description: Get the public key for a KMS key that is used for signing and verifying data. This endpoint is only available for asymmetric keys. parameters: - schema: type: string format: uuid in: path name: keyId required: true description: The ID of the key to get the public key for. The key must be for signing and verifying. responses: '200': description: Default Response content: application/json: schema: type: object properties: publicKey: type: string required: - publicKey additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/kms/keys/{keyId}/private-key: get: operationId: getKmsKeyPrivateKey tags: - KMS Keys description: Export the private key (or key material) for a KMS key. For asymmetric keys (sign/verify), the private key is returned. For symmetric keys (encrypt/decrypt), the key material is returned. parameters: - schema: type: string format: uuid in: path name: keyId required: true description: The ID of the key to export the private key or key material for. responses: '200': description: Default Response content: application/json: schema: type: object properties: privateKey: type: string required: - privateKey additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/kms/keys/bulk-import: post: operationId: bulkImportKmsKeys tags: - KMS Keys description: Bulk import KMS keys with provided key material into a project. requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string format: uuid keys: type: array items: type: object properties: name: type: string minLength: 1 maxLength: 32 keyUsage: type: string enum: - encrypt-decrypt - sign-verify encryptionAlgorithm: type: string enum: - aes-256-gcm - aes-128-gcm - RSA_4096 - ECC_NIST_P256 - ECC_NIST_P384 - ECC_NIST_P521 - ML_DSA_44 - ML_DSA_65 - ML_DSA_87 keyMaterial: type: string minLength: 1 required: - name - keyUsage - encryptionAlgorithm - keyMaterial additionalProperties: false minItems: 1 maxItems: 100 required: - projectId - keys additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: keys: type: array items: type: object properties: id: type: string name: type: string required: - id - name additionalProperties: false errors: type: array items: type: object properties: name: type: string message: type: string required: - name - message additionalProperties: false required: - keys - errors additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/kms/keys/bulk-export-private-keys: post: operationId: bulkExportKmsKeyPrivateKeys tags: - KMS Keys description: Bulk export multiple KMS keys. For asymmetric keys (sign/verify), both private and public keys are returned. For symmetric keys (encrypt/decrypt), the key material is returned. requestBody: required: true content: application/json: schema: type: object properties: keyIds: type: array items: type: string format: uuid description: An array of KMS key IDs to export. Maximum 100 keys per request. minItems: 1 maxItems: 100 required: - keyIds additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: keys: type: array items: type: object properties: keyId: type: string name: type: string keyUsage: type: string algorithm: type: string privateKey: type: string publicKey: type: string required: - keyId - name - keyUsage - algorithm - privateKey additionalProperties: false required: - keys additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/kms/keys/{keyId}/signing-algorithms: get: operationId: listKmsKeySigningAlgorithms tags: - KMS Signing description: List all available signing algorithms for a KMS key parameters: - schema: type: string format: uuid in: path name: keyId required: true description: The ID of the key to list the signing algorithms for. The key must be for signing and verifying. responses: '200': description: Default Response content: application/json: schema: type: object properties: signingAlgorithms: type: array items: type: string enum: - RSASSA_PSS_SHA_512 - RSASSA_PSS_SHA_384 - RSASSA_PSS_SHA_256 - RSASSA_PKCS1_V1_5_SHA_512 - RSASSA_PKCS1_V1_5_SHA_384 - RSASSA_PKCS1_V1_5_SHA_256 - ECDSA_SHA_512 - ECDSA_SHA_384 - ECDSA_SHA_256 - ML_DSA_44 - ML_DSA_65 - ML_DSA_87 required: - signingAlgorithms additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/kms/keys/{keyId}/sign: post: operationId: signWithKmsKey tags: - KMS Signing description: Sign data with a KMS key. requestBody: required: true content: application/json: schema: type: object properties: signingAlgorithm: type: string enum: - RSASSA_PSS_SHA_512 - RSASSA_PSS_SHA_384 - RSASSA_PSS_SHA_256 - RSASSA_PKCS1_V1_5_SHA_512 - RSASSA_PKCS1_V1_5_SHA_384 - RSASSA_PKCS1_V1_5_SHA_256 - ECDSA_SHA_512 - ECDSA_SHA_384 - ECDSA_SHA_256 - ML_DSA_44 - ML_DSA_65 - ML_DSA_87 isDigest: type: boolean default: false description: Whether the data is already digested or not. Please be aware that if you are passing a digest the algorithm used to create the digest must match the signing algorithm used to sign the digest. data: type: string description: The data in string format to be signed (base64 encoded). required: - signingAlgorithm - data additionalProperties: false parameters: - schema: type: string format: uuid in: path name: keyId required: true description: The ID of the key to sign the data with. responses: '200': description: Default Response content: application/json: schema: type: object properties: signature: type: string keyId: type: string format: uuid signingAlgorithm: type: string enum: - RSASSA_PSS_SHA_512 - RSASSA_PSS_SHA_384 - RSASSA_PSS_SHA_256 - RSASSA_PKCS1_V1_5_SHA_512 - RSASSA_PKCS1_V1_5_SHA_384 - RSASSA_PKCS1_V1_5_SHA_256 - ECDSA_SHA_512 - ECDSA_SHA_384 - ECDSA_SHA_256 - ML_DSA_44 - ML_DSA_65 - ML_DSA_87 required: - signature - keyId - signingAlgorithm additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/kms/keys/{keyId}/verify: post: operationId: verifyWithKmsKey tags: - KMS Signing description: Verify data signatures with a KMS key. requestBody: required: true content: application/json: schema: type: object properties: isDigest: type: boolean default: false description: Whether the data is already digested or not. data: type: string description: The data in string format to be verified (base64 encoded). For data larger than 1MB you must first create a digest of the data and then pass the digest in the data parameter. signature: type: string description: The signature to be verified (base64 encoded). signingAlgorithm: type: string enum: - RSASSA_PSS_SHA_512 - RSASSA_PSS_SHA_384 - RSASSA_PSS_SHA_256 - RSASSA_PKCS1_V1_5_SHA_512 - RSASSA_PKCS1_V1_5_SHA_384 - RSASSA_PKCS1_V1_5_SHA_256 - ECDSA_SHA_512 - ECDSA_SHA_384 - ECDSA_SHA_256 - ML_DSA_44 - ML_DSA_65 - ML_DSA_87 required: - data - signature - signingAlgorithm additionalProperties: false parameters: - schema: type: string format: uuid in: path name: keyId required: true description: The ID of the key to verify the data with. responses: '200': description: Default Response content: application/json: schema: type: object properties: signatureValid: type: boolean keyId: type: string format: uuid signingAlgorithm: type: string enum: - RSASSA_PSS_SHA_512 - RSASSA_PSS_SHA_384 - RSASSA_PSS_SHA_256 - RSASSA_PKCS1_V1_5_SHA_512 - RSASSA_PKCS1_V1_5_SHA_384 - RSASSA_PKCS1_V1_5_SHA_256 - ECDSA_SHA_512 - ECDSA_SHA_384 - ECDSA_SHA_256 - ML_DSA_44 - ML_DSA_65 - ML_DSA_87 required: - signatureValid - keyId - signingAlgorithm additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/kms/keys/{keyId}/decrypt: post: operationId: decryptWithKmsKey tags: - KMS Encryption description: Decrypt data with KMS key requestBody: required: true content: application/json: schema: type: object properties: ciphertext: type: string description: The ciphertext to be decrypted (base64 encoded). required: - ciphertext additionalProperties: false parameters: - schema: type: string format: uuid in: path name: keyId required: true description: The ID of the key to decrypt the data with. responses: '200': description: Default Response content: application/json: schema: type: object properties: plaintext: type: string required: - plaintext additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/scim/group-org-role-mappings: get: operationId: listExternalGroupOrgRoleMappings tags: - SCIM responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: id: type: string format: uuid groupName: type: string role: type: string roleId: type: string format: uuid nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - groupName - role - orgId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false put: operationId: updateExternalGroupOrgRoleMappings tags: - SCIM requestBody: required: true content: application/json: schema: type: object properties: mappings: type: array items: type: object properties: groupName: type: string minLength: 1 description: The name of the group in the SCIM provider. roleSlug: type: string minLength: 1 maxLength: 64 description: The slug of the role that group members should be assigned when provisioned. required: - groupName - roleSlug additionalProperties: false required: - mappings additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: array items: type: object properties: id: type: string format: uuid groupName: type: string role: type: string roleId: type: string format: uuid nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - groupName - role - orgId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/options: get: operationId: listAppConnectionOptions tags: - App Connections description: List the available App Connection Options. parameters: - schema: type: string enum: - secret-manager - cert-manager - kms - ssh - secret-scanning - pam - ai in: query name: projectType required: false responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnectionOptions: type: array items: anyOf: - type: object properties: name: type: string enum: - AWS app: type: string enum: - aws methods: type: array items: type: string enum: - assume-role - access-key accessKeyId: type: string required: - name - app - methods additionalProperties: false title: AWS - type: object properties: name: type: string enum: - GitHub app: type: string enum: - github methods: type: array items: type: string enum: - oauth - github-app - pat oauthClientId: type: string appClientSlug: type: string required: - name - app - methods additionalProperties: false title: GitHub - type: object properties: name: type: string enum: - GitHub Radar app: type: string enum: - github-radar methods: type: array items: type: string enum: - github-app appClientSlug: type: string required: - name - app - methods additionalProperties: false title: GitHub Radar - type: object properties: name: type: string enum: - GCP app: type: string enum: - gcp methods: type: array items: type: string enum: - service-account-impersonation required: - name - app - methods additionalProperties: false title: GCP - type: object properties: name: type: string enum: - Azure Key Vault app: type: string enum: - azure-key-vault methods: type: array items: type: string enum: - oauth - client-secret - certificate oauthClientId: type: string required: - name - app - methods additionalProperties: false title: Azure Key Vault - type: object properties: name: type: string enum: - Azure App Configuration app: type: string enum: - azure-app-configuration methods: type: array items: type: string enum: - oauth - client-secret oauthClientId: type: string required: - name - app - methods additionalProperties: false title: Azure App Configuration - type: object properties: name: type: string enum: - Azure DevOps app: type: string enum: - azure-devops methods: type: array items: type: string enum: - oauth - access-token - client-secret oauthClientId: type: string required: - name - app - methods additionalProperties: false title: Azure DevOps - type: object properties: name: type: string enum: - Databricks app: type: string enum: - databricks methods: type: array items: type: string enum: - service-principal required: - name - app - methods additionalProperties: false title: Databricks - type: object properties: name: type: string enum: - Humanitec app: type: string enum: - humanitec methods: type: array items: type: string enum: - api-token required: - name - app - methods additionalProperties: false title: Humanitec - type: object properties: name: type: string enum: - Terraform Cloud app: type: string enum: - terraform-cloud methods: type: array items: type: string enum: - api-token required: - name - app - methods additionalProperties: false title: Terraform Cloud - type: object properties: name: type: string enum: - Vercel app: type: string enum: - vercel methods: type: array items: type: string enum: - api-token required: - name - app - methods additionalProperties: false title: Vercel - type: object properties: name: type: string enum: - PostgreSQL app: type: string enum: - postgres methods: type: array items: type: string enum: - username-and-password supportsPlatformManagement: type: boolean enum: - true required: - name - app - methods - supportsPlatformManagement additionalProperties: false title: PostgreSQL - type: object properties: name: type: string enum: - Microsoft SQL Server app: type: string enum: - mssql methods: type: array items: type: string enum: - username-and-password supportsPlatformManagement: type: boolean enum: - true required: - name - app - methods - supportsPlatformManagement additionalProperties: false title: Microsoft SQL Server - type: object properties: name: type: string enum: - MySQL app: type: string enum: - mysql methods: type: array items: type: string enum: - username-and-password supportsPlatformManagement: type: boolean enum: - true required: - name - app - methods - supportsPlatformManagement additionalProperties: false title: MySQL - type: object properties: name: type: string enum: - Camunda app: type: string enum: - camunda methods: type: array items: type: string enum: - client-credentials required: - name - app - methods additionalProperties: false title: Camunda - type: object properties: name: type: string enum: - Auth0 app: type: string enum: - auth0 methods: type: array items: type: string enum: - client-credentials required: - name - app - methods additionalProperties: false title: Auth0 - type: object properties: name: type: string enum: - HCVault app: type: string enum: - hashicorp-vault methods: type: array items: type: string enum: - access-token - app-role required: - name - app - methods additionalProperties: false title: Hashicorp Vault - type: object properties: name: type: string enum: - Azure Client Secrets app: type: string enum: - azure-client-secrets methods: type: array items: type: string enum: - oauth - client-secret - certificate oauthClientId: type: string required: - name - app - methods additionalProperties: false title: Azure Client Secrets - type: object properties: name: type: string enum: - Windmill app: type: string enum: - windmill methods: type: array items: type: string enum: - access-token required: - name - app - methods additionalProperties: false title: Windmill - type: object properties: name: type: string enum: - LDAP app: type: string enum: - ldap methods: type: array items: type: string enum: - simple-bind required: - name - app - methods additionalProperties: false title: LDAP - type: object properties: name: type: string enum: - TeamCity app: type: string enum: - teamcity methods: type: array items: type: string enum: - access-token required: - name - app - methods additionalProperties: false title: TeamCity - type: object properties: name: type: string enum: - OCI app: type: string enum: - oci methods: type: array items: type: string enum: - access-key required: - name - app - methods additionalProperties: false title: OCI - type: object properties: name: type: string enum: - OracleDB app: type: string enum: - oracledb methods: type: array items: type: string enum: - username-and-password supportsPlatformManagement: type: boolean enum: - true required: - name - app - methods - supportsPlatformManagement additionalProperties: false title: OracleDB - type: object properties: name: type: string enum: - 1Password app: type: string enum: - 1password methods: type: array items: type: string enum: - api-token required: - name - app - methods additionalProperties: false title: 1Password - type: object properties: name: type: string enum: - Heroku app: type: string enum: - heroku methods: type: array items: type: string enum: - auth-token - oauth oauthClientId: type: string required: - name - app - methods additionalProperties: false title: Heroku - type: object properties: name: type: string enum: - Render app: type: string enum: - render methods: type: array items: type: string enum: - api-key required: - name - app - methods additionalProperties: false title: Render - type: object properties: name: type: string enum: - Fly.io app: type: string enum: - flyio methods: type: array items: type: string enum: - access-token required: - name - app - methods additionalProperties: false title: Fly.io - type: object properties: name: type: string enum: - GitLab app: type: string enum: - gitlab methods: type: array items: type: string enum: - oauth - access-token oauthClientId: type: string required: - name - app - methods additionalProperties: false title: GitLab - type: object properties: name: type: string enum: - Cloudflare app: type: string enum: - cloudflare methods: type: array items: type: string enum: - api-token required: - name - app - methods additionalProperties: false title: Cloudflare - type: object properties: name: type: string enum: - Bitbucket app: type: string enum: - bitbucket methods: type: array items: type: string enum: - api-token required: - name - app - methods additionalProperties: false title: Bitbucket - type: object properties: name: type: string enum: - Zabbix app: type: string enum: - zabbix methods: type: array items: type: string enum: - api-token required: - name - app - methods additionalProperties: false title: Zabbix - type: object properties: name: type: string enum: - Railway app: type: string enum: - railway methods: type: array items: type: string enum: - account-token - project-token - team-token required: - name - app - methods additionalProperties: false title: Railway - type: object properties: name: type: string enum: - Checkly app: type: string enum: - checkly methods: type: array items: type: string enum: - api-key required: - name - app - methods additionalProperties: false title: Checkly - type: object properties: name: type: string enum: - CircleCI app: type: string enum: - circleci methods: type: array items: type: string enum: - api-token required: - name - app - methods additionalProperties: false title: CircleCI - type: object properties: name: type: string enum: - Supabase app: type: string enum: - supabase methods: type: array items: type: string enum: - access-token required: - name - app - methods additionalProperties: false title: Supabase - type: object properties: name: type: string enum: - Digital Ocean app: type: string enum: - digital-ocean methods: type: array items: type: string enum: - api-token required: - name - app - methods additionalProperties: false title: DigitalOcean App Platform - type: object properties: name: type: string enum: - Netlify app: type: string enum: - netlify methods: type: array items: type: string enum: - access-token required: - name - app - methods additionalProperties: false title: Netlify - type: object properties: name: type: string enum: - Northflank app: type: string enum: - northflank methods: type: array items: type: string enum: - api-token required: - name - app - methods additionalProperties: false title: Northflank - type: object properties: name: type: string enum: - Okta app: type: string enum: - okta methods: type: array items: type: string enum: - api-token required: - name - app - methods additionalProperties: false title: Okta - type: object properties: name: type: string enum: - Azure ADCS app: type: string enum: - azure-adcs methods: type: array items: type: string enum: - username-password required: - name - app - methods additionalProperties: false title: Azure ADCS - type: object properties: name: type: string enum: - Redis app: type: string enum: - redis methods: type: array items: type: string enum: - username-and-password supportsPlatformManagement: type: boolean enum: - false required: - name - app - methods - supportsPlatformManagement additionalProperties: false title: Redis - type: object properties: name: type: string enum: - MongoDB app: type: string enum: - mongodb methods: type: array items: type: string enum: - username-and-password supportsPlatformManagement: type: boolean enum: - false required: - name - app - methods - supportsPlatformManagement additionalProperties: false - type: object properties: name: type: string enum: - Laravel Forge app: type: string enum: - laravel-forge methods: type: array items: type: string enum: - api-token required: - name - app - methods additionalProperties: false title: Laravel Forge - type: object properties: name: type: string enum: - Chef app: type: string enum: - chef methods: type: array items: type: string enum: - user-key required: - name - app - methods additionalProperties: false title: Chef - type: object properties: name: type: string enum: - DNS Made Easy app: type: string enum: - dns-made-easy methods: type: array items: type: string enum: - api-key-secret required: - name - app - methods additionalProperties: false title: DNS Made Easy - type: object properties: name: type: string enum: - Azure DNS app: type: string enum: - azure-dns methods: type: array items: type: string enum: - client-secret required: - name - app - methods additionalProperties: false title: Azure DNS - type: object properties: name: type: string enum: - Octopus Deploy app: type: string enum: - octopus-deploy methods: type: array items: type: string enum: - api-key required: - name - app - methods additionalProperties: false title: Octopus Deploy - type: object properties: name: type: string enum: - Windows app: type: string enum: - smb methods: type: array items: type: string enum: - credentials required: - name - app - methods additionalProperties: false title: SMB - type: object properties: name: type: string enum: - SSH app: type: string enum: - ssh methods: type: array items: type: string enum: - password - ssh-key required: - name - app - methods additionalProperties: false title: SSH - type: object properties: name: type: string enum: - DBT app: type: string enum: - dbt methods: type: array items: type: string enum: - api-token required: - name - app - methods additionalProperties: false title: DBT - type: object properties: name: type: string enum: - OpenRouter app: type: string enum: - open-router methods: type: array items: type: string enum: - api-key required: - name - app - methods additionalProperties: false title: OpenRouter - type: object properties: name: type: string enum: - Azure Entra ID app: type: string enum: - azure-entra-id methods: type: array items: type: string enum: - client-secret required: - name - app - methods additionalProperties: false title: Azure Entra ID - type: object properties: name: type: string enum: - Venafi TLS Protect Cloud app: type: string enum: - venafi methods: type: array items: type: string enum: - api-key required: - name - app - methods additionalProperties: false title: Venafi TLS Protect Cloud - type: object properties: name: type: string enum: - Venafi TPP app: type: string enum: - venafi-tpp methods: type: array items: type: string enum: - oauth required: - name - app - methods additionalProperties: false title: Venafi TPP - type: object properties: name: type: string enum: - Infisical app: type: string enum: - external-infisical methods: type: array items: type: string enum: - machine-identity-universal-auth required: - name - app - methods additionalProperties: false title: Infisical - type: object properties: name: type: string enum: - Doppler app: type: string enum: - doppler methods: type: array items: type: string enum: - api-token required: - name - app - methods additionalProperties: false title: Doppler - type: object properties: name: type: string enum: - NetScaler app: type: string enum: - netscaler methods: type: array items: type: string enum: - basic-auth required: - name - app - methods additionalProperties: false title: NetScaler - type: object properties: name: type: string enum: - Anthropic app: type: string enum: - anthropic methods: type: array items: type: string enum: - api-key required: - name - app - methods additionalProperties: false title: Anthropic - type: object properties: name: type: string enum: - OVH app: type: string enum: - ovh methods: type: array items: type: string enum: - certificate required: - name - app - methods additionalProperties: false title: OVH - type: object properties: name: type: string enum: - Devin app: type: string enum: - devin methods: type: array items: type: string enum: - api-key required: - name - app - methods additionalProperties: false title: Devin - type: object properties: name: type: string enum: - Ona app: type: string enum: - ona methods: type: array items: type: string enum: - personal-access-token required: - name - app - methods additionalProperties: false title: Ona - type: object properties: name: type: string enum: - DigiCert app: type: string enum: - digicert methods: type: array items: type: string enum: - api-key required: - name - app - methods additionalProperties: false title: DigiCert - type: object properties: name: type: string enum: - GoDaddy app: type: string enum: - godaddy methods: type: array items: type: string enum: - api-key required: - name - app - methods additionalProperties: false title: GoDaddy - type: object properties: name: type: string enum: - Travis CI app: type: string enum: - travis-ci methods: type: array items: type: string enum: - api-token required: - name - app - methods additionalProperties: false title: Travis CI - type: object properties: name: type: string enum: - Salesforce app: type: string enum: - salesforce methods: type: array items: type: string enum: - client-credentials required: - name - app - methods additionalProperties: false title: Salesforce - type: object properties: name: type: string enum: - Snowflake app: type: string enum: - snowflake methods: type: array items: type: string enum: - username-and-token required: - name - app - methods additionalProperties: false title: Snowflake - type: object properties: name: type: string enum: - Datadog app: type: string enum: - datadog methods: type: array items: type: string enum: - api-key required: - name - app - methods additionalProperties: false title: Datadog - type: object properties: name: type: string enum: - F5 BIG-IP app: type: string enum: - f5-big-ip methods: type: array items: type: string enum: - basic-auth required: - name - app - methods additionalProperties: false title: F5 BIG-IP - type: object properties: name: type: string enum: - Convex app: type: string enum: - convex methods: type: array items: type: string enum: - personal-access-token required: - name - app - methods additionalProperties: false title: Convex required: - appConnectionOptions additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections: get: operationId: listAppConnections tags: - App Connections description: List all the App Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list App Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - aws method: type: string enum: - assume-role credentials: type: object properties: stsEndpoint: type: string format: uri pattern: ^https\:\/\/ description: An optional custom endpoint URL for the AWS STS API to use when connecting with AWS. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: AWS (Assume Role) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - aws method: type: string enum: - access-key credentials: type: object properties: accessKeyId: type: string minLength: 1 required: - accessKeyId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: AWS (Access Key) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - github-app credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string gitHubAppId: type: string format: uuid nullable: true additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (GitHub App) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - oauth credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - pat credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (Personal Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github-radar method: type: string enum: - github-app credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub Radar (GitHub App) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gcp method: type: string enum: - service-account-impersonation credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GCP (Service Account Impersonation) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - certificate credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (Certificate) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-app-configuration method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure App Configuration (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-app-configuration method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure App Configuration (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string orgName: type: string required: - tenantId - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - access-token credentials: type: object properties: orgName: type: string required: - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string orgName: type: string required: - clientId - tenantId - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - databricks method: type: string enum: - service-principal credentials: type: object properties: clientId: type: string minLength: 1 workspaceUrl: type: string format: uri minLength: 1 required: - clientId - workspaceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Databricks (Service Principal) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - humanitec method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Humanitec (API Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - terraform-cloud method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Terraform Cloud (API Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - vercel method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Vercel (API Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - postgres method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: PostgreSQL (Username and Password) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mssql method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Microsoft SQL Server (Username and Password) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mysql method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: MySQL (Username and Password) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - camunda method: type: string enum: - client-credentials credentials: type: object properties: clientId: type: string minLength: 1 description: The client ID used to authenticate with Camunda. required: - clientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Camunda (Client Credentials) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - auth0 method: type: string enum: - client-credentials credentials: type: object properties: domain: type: string minLength: 1 description: The domain of the Auth0 instance to connect to. clientId: type: string minLength: 1 description: Your Auth0 application's Client ID. audience: type: string format: uri minLength: 1 description: The unique identifier of the target API you want to access. required: - domain - clientId - audience additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Auth0 (Client Credentials) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - hashicorp-vault method: type: string enum: - access-token credentials: type: object properties: namespace: type: string description: The Hashicrop Vault namespace to connect with. instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Hashicorp Vault (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - hashicorp-vault method: type: string enum: - app-role credentials: type: object properties: namespace: type: string description: The Hashicrop Vault namespace to connect with. instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. roleId: type: string minLength: 1 description: The Role ID used to connect with Hashicorp Vault. required: - instanceUrl - roleId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Hashicorp Vault (App Role) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string required: - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - certificate credentials: type: object properties: tenantId: type: string clientId: type: string required: - tenantId - clientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (Certificate) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - windmill method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Windmill instance URL to connect with (defaults to https://app.windmill.dev). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Windmill (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ldap method: type: string enum: - simple-bind credentials: type: object properties: provider: type: string enum: - active-directory description: The type of LDAP provider. Determines provider-specific behaviors. url: type: string minLength: 1 description: The LDAP/LDAPS URL to connect to (e.g., 'ldap://domain-or-ip:389' or 'ldaps://domain-or-ip:636'). dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to bind with (e.g., 'CN=John,CN=Users,DC=example,DC=com'). sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false) when using ldaps://. Set to false only in test environments. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection when using ldaps:// with a self-signed certificate. required: - provider - url - dn additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: LDAP (Simple Bind) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - teamcity method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 description: The TeamCity instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: TeamCity (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - oci method: type: string enum: - access-key credentials: type: object properties: userOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the user making the request. tenancyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the tenancy in Oracle Cloud Infrastructure. region: type: string minLength: 1 description: The region identifier in Oracle Cloud Infrastructure where the vault is located. fingerprint: type: string minLength: 1 description: The fingerprint of the public key uploaded to the user's API keys. required: - userOcid - tenancyOcid - region - fingerprint additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OCI (Access Key) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - oracledb method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OracleDB (Username and Password) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - 1password method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 description: The URL of the 1Password Connect Server instance to authenticate with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: 1Password (API Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - heroku method: type: string enum: - auth-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Heroku (Auth Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - heroku method: type: string enum: - oauth credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Heroku (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - render method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Render (API Key) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - flyio method: type: string enum: - access-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Fly.io (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gitlab method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. accessTokenType: type: string enum: - project - personal - group description: The type of token used to connect with GitLab. required: - accessTokenType additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitLab (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gitlab method: type: string enum: - oauth credentials: type: object properties: instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitLab (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - cloudflare method: type: string enum: - api-token credentials: type: object properties: accountId: type: string minLength: 1 maxLength: 256 required: - accountId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Cloudflare (API Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - bitbucket method: type: string enum: - api-token credentials: type: object properties: email: type: string format: email minLength: 1 maxLength: 255 description: The email used to access Bitbucket. required: - email additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Bitbucket (API Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - zabbix method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Zabbix instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Zabbix (API Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - railway method: type: string enum: - account-token - project-token - team-token description: The method used to authenticate with Railway. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Railway (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - checkly method: type: string enum: - api-key description: The method used to authenticate with Checkly. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Checkly (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - circleci method: type: string enum: - api-token credentials: type: object properties: host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: CircleCI (Personal Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - supabase method: type: string enum: - access-token description: The method used to authenticate with Supabase. credentials: type: object properties: instanceUrl: type: string format: uri maxLength: 255 description: The URL used to access Supabase. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Supabase (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - digital-ocean method: type: string enum: - api-token description: The method used to authenticate with DigitalOcean App Platform. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DigitalOcean App Platform (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - netlify method: type: string enum: - access-token description: The method used to authenticate with Netlify. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Netlify (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - northflank method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Northflank (API Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - okta method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The URL used to access your Okta organization. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Okta (API Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-adcs method: type: string enum: - username-password credentials: type: object properties: username: type: string minLength: 1 maxLength: 255 description: 'The username used to access Azure ADCS (format: ''DOMAIN\username'' or ''username@domain.com'').' adcsUrl: type: string minLength: 1 maxLength: 255 description: The HTTPS URL of the Azure ADCS instance to connect with (e.g., 'https://adcs.yourdomain.com/certsrv'). sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false). Set to false only in test environments with self-signed certificates. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection. required: - username - adcsUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure ADCS (Username and Password) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - redis method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 sslEnabled: type: boolean sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - host - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Redis (Username and Password) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mongodb method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 database: type: string minLength: 1 tlsEnabled: type: boolean tlsRejectUnauthorized: type: boolean tlsCertificate: type: string required: - host - port - username - database - tlsEnabled - tlsRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - laravel-forge method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Laravel Forge (API Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - chef method: type: string enum: - user-key credentials: type: object properties: serverUrl: type: string format: uri description: The URL of the Chef server to connect to. orgName: type: string minLength: 1 maxLength: 256 description: The short name of the Chef organization to connect to. userName: type: string minLength: 1 maxLength: 256 description: The username used to access Chef. required: - orgName - userName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Chef (User Key) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - dns-made-easy method: type: string enum: - api-key-secret credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 256 required: - apiKey additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DNS Made Easy (API Key) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-dns method: type: string enum: - client-secret credentials: type: object properties: tenantId: type: string description: Tenant ID must be a valid GUID subscriptionId: type: string description: Subscription ID must be a valid GUID required: - tenantId - subscriptionId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DNS (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - octopus-deploy method: type: string enum: - api-key credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The Octopus Deploy instance URL to connect to. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Octopus Deploy (API Key) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - smb method: type: string enum: - credentials credentials: type: object properties: host: type: string port: type: number domain: type: string username: type: string required: - host - port - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SMB - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ssh method: type: string enum: - password credentials: type: object properties: host: type: string port: type: number username: type: string required: - host - port - username additionalProperties: false configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SSH (Password) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ssh method: type: string enum: - ssh-key credentials: type: object properties: host: type: string port: type: number username: type: string required: - host - port - username additionalProperties: false configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SSH (SSH Key) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - dbt method: type: string enum: - api-token description: The method used to authenticate with DBT. credentials: type: object properties: instanceUrl: type: string minLength: 1 format: uri description: The base URL of your DBT instance. accountId: type: string minLength: 1 maxLength: 255 description: The account ID of your DBT account. required: - instanceUrl - accountId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DBT (API Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - open-router method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OpenRouter (API Key) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - anthropic method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Anthropic (API Key) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - devin method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Devin (API Key) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-entra-id method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Entra ID (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - venafi method: type: string enum: - api-key credentials: type: object properties: region: type: string enum: - us - eu - au - uk - sg - ca description: The region of the Venafi TLS Protect Cloud instance required: - region additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Venafi TLS Protect Cloud (API Key) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - venafi-tpp method: type: string enum: - oauth credentials: type: object properties: tppUrl: type: string minLength: 1 maxLength: 512 description: The HTTPS URL of the Venafi TPP instance (e.g., 'https://tpp.example.com'). Must use HTTPS. clientId: type: string minLength: 1 maxLength: 255 description: The OAuth client ID registered in the Venafi TPP API Integration. Used for token-based authentication. username: type: string minLength: 1 maxLength: 255 description: 'The username used to authenticate with Venafi TPP. Supports formats: ''DOMAIN\\username'', ''username@domain.com'', or local usernames.' required: - tppUrl - clientId - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Venafi TPP (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - external-infisical method: type: string enum: - machine-identity-universal-auth credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 512 machineIdentityClientId: type: string format: uuid minLength: 1 required: - instanceUrl - machineIdentityClientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Infisical (Machine Identity - Universal Auth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - netscaler method: type: string enum: - basic-auth credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: NetScaler (Basic Auth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - doppler method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Doppler (API Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ovh method: type: string enum: - certificate credentials: type: object properties: okmsDomain: type: string minLength: 1 format: uri description: The OKMS base URL (e.g., 'https://ca-east-bhs.okms.ovh.net'). okmsId: type: string minLength: 1 description: The OKMS instance identifier from the OVH Control Panel, used as a path segment in all API calls. required: - okmsDomain - okmsId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OVH (Certificate) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ona method: type: string enum: - personal-access-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Ona (Personal Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - digicert method: type: string enum: - api-key credentials: type: object properties: region: type: string enum: - us - eu description: The CertCentral region the API key belongs to (us or eu). required: - region additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DigiCert (API Key) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - godaddy method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GoDaddy (API Key) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - travis-ci method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Travis CI (API Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - salesforce method: type: string enum: - client-credentials credentials: type: object properties: instanceUrl: type: string minLength: 1 description: The instance URL of the Salesforce org to connect to. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Salesforce (Client Credentials) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - snowflake method: type: string enum: - username-and-token credentials: type: object properties: account: type: string minLength: 1 description: The Snowflake account identifier (e.g., xy12345.us-east-1). username: type: string minLength: 1 description: The username (login name) used to authenticate with Snowflake. required: - account - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Snowflake (Username and Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - datadog method: type: string enum: - api-key credentials: type: object properties: url: type: string format: uri minLength: 1 maxLength: 255 description: The Datadog site URL to connect to (e.g., 'https://api.datadoghq.com'). required: - url additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Datadog (API Key) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - f5-big-ip method: type: string enum: - basic-auth credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: F5 BIG-IP (Basic Auth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - convex method: type: string enum: - personal-access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Convex API instance URL. Defaults to 'https://api.convex.dev' if not provided. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Convex (Personal Access Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/aws: get: operationId: listAwsAppConnections tags: - App Connections description: List the AWS Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list AWS Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - aws method: type: string enum: - assume-role credentials: type: object properties: stsEndpoint: type: string format: uri pattern: ^https\:\/\/ description: An optional custom endpoint URL for the AWS STS API to use when connecting with AWS. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: AWS (Assume Role) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - aws method: type: string enum: - access-key credentials: type: object properties: accessKeyId: type: string minLength: 1 required: - accessKeyId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: AWS (Access Key) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAwsAppConnection tags: - App Connections description: Create an AWS Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - assume-role description: The method used to authenticate with AWS. credentials: type: object properties: roleArn: type: string minLength: 1 stsEndpoint: type: string format: uri pattern: ^https\:\/\/ description: An optional custom endpoint URL for the AWS STS API to use when connecting with AWS. required: - roleArn additionalProperties: false description: The credentials used to connect with AWS. required: - method - credentials additionalProperties: false - type: object properties: method: type: string enum: - access-key description: The method used to authenticate with AWS. credentials: type: object properties: accessKeyId: type: string minLength: 1 secretAccessKey: type: string minLength: 1 required: - accessKeyId - secretAccessKey additionalProperties: false description: The credentials used to connect with AWS. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the AWS Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the AWS Connection. projectId: type: string description: The ID of the project to create the AWS Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for AWS Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for AWS Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for AWS Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for AWS Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for AWS Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - aws method: type: string enum: - assume-role credentials: type: object properties: stsEndpoint: type: string format: uri pattern: ^https\:\/\/ description: An optional custom endpoint URL for the AWS STS API to use when connecting with AWS. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: AWS (Assume Role) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - aws method: type: string enum: - access-key credentials: type: object properties: accessKeyId: type: string minLength: 1 required: - accessKeyId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: AWS (Access Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/aws/available: get: operationId: listAwsAvailableAppConnections tags: - App Connections description: List the AWS Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list AWS Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/aws/{connectionId}: get: operationId: getAwsAppConnection tags: - App Connections description: Get the specified AWS Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the AWS Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - aws method: type: string enum: - assume-role credentials: type: object properties: stsEndpoint: type: string format: uri pattern: ^https\:\/\/ description: An optional custom endpoint URL for the AWS STS API to use when connecting with AWS. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: AWS (Assume Role) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - aws method: type: string enum: - access-key credentials: type: object properties: accessKeyId: type: string minLength: 1 required: - accessKeyId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: AWS (Access Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAwsAppConnection tags: - App Connections description: Update the specified AWS Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: anyOf: - type: object properties: accessKeyId: type: string minLength: 1 secretAccessKey: type: string minLength: 1 required: - accessKeyId - secretAccessKey additionalProperties: false - type: object properties: roleArn: type: string minLength: 1 stsEndpoint: type: string format: uri pattern: ^https\:\/\/ description: An optional custom endpoint URL for the AWS STS API to use when connecting with AWS. required: - roleArn additionalProperties: false description: The credentials used to connect with AWS. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the AWS Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the AWS Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for AWS Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for AWS Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for AWS Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for AWS Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for AWS Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the AWS Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - aws method: type: string enum: - assume-role credentials: type: object properties: stsEndpoint: type: string format: uri pattern: ^https\:\/\/ description: An optional custom endpoint URL for the AWS STS API to use when connecting with AWS. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: AWS (Assume Role) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - aws method: type: string enum: - access-key credentials: type: object properties: accessKeyId: type: string minLength: 1 required: - accessKeyId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: AWS (Access Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAwsAppConnection tags: - App Connections description: Delete the specified AWS Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the AWS Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - aws method: type: string enum: - assume-role credentials: type: object properties: stsEndpoint: type: string format: uri pattern: ^https\:\/\/ description: An optional custom endpoint URL for the AWS STS API to use when connecting with AWS. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: AWS (Assume Role) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - aws method: type: string enum: - access-key credentials: type: object properties: accessKeyId: type: string minLength: 1 required: - accessKeyId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: AWS (Access Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/aws/connection-name/{connectionName}: get: operationId: getAwsAppConnectionByName tags: - App Connections description: Get the specified AWS Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the AWS Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the AWS Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - aws method: type: string enum: - assume-role credentials: type: object properties: stsEndpoint: type: string format: uri pattern: ^https\:\/\/ description: An optional custom endpoint URL for the AWS STS API to use when connecting with AWS. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: AWS (Assume Role) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - aws method: type: string enum: - access-key credentials: type: object properties: accessKeyId: type: string minLength: 1 required: - accessKeyId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: AWS (Access Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/aws/{connectionId}/rotate-credentials: post: operationId: rotateAwsAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified AWS Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the AWS Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - aws method: type: string enum: - assume-role credentials: type: object properties: stsEndpoint: type: string format: uri pattern: ^https\:\/\/ description: An optional custom endpoint URL for the AWS STS API to use when connecting with AWS. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: AWS (Assume Role) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - aws method: type: string enum: - access-key credentials: type: object properties: accessKeyId: type: string minLength: 1 required: - accessKeyId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: AWS (Access Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/github: get: operationId: listGitHubAppConnections tags: - App Connections description: List the GitHub Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list GitHub Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - github-app credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string gitHubAppId: type: string format: uuid nullable: true additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (GitHub App) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - oauth credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - pat credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (Personal Access Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createGitHubAppConnection tags: - App Connections description: Create a GitHub Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - github-app description: The method used to authenticate with GitHub. credentials: anyOf: - type: object properties: code: type: string minLength: 1 installationsToken: type: string minLength: 1 installationId: type: string minLength: 1 gitHubAppId: type: string format: uuid nullable: true instanceType: type: string enum: - server host: type: string minLength: 1 required: - installationId - instanceType - host additionalProperties: false - type: object properties: code: type: string minLength: 1 installationsToken: type: string minLength: 1 installationId: type: string minLength: 1 gitHubAppId: type: string format: uuid nullable: true instanceType: type: string enum: - cloud host: type: string required: - installationId additionalProperties: false description: The credentials used to connect with GitHub. required: - method - credentials additionalProperties: false - type: object properties: method: type: string enum: - oauth description: The method used to authenticate with GitHub. credentials: anyOf: - type: object properties: code: type: string minLength: 1 instanceType: type: string enum: - server host: type: string minLength: 1 required: - code - instanceType - host additionalProperties: false - type: object properties: code: type: string minLength: 1 instanceType: type: string enum: - cloud host: type: string required: - code additionalProperties: false description: The credentials used to connect with GitHub. required: - method - credentials additionalProperties: false - type: object properties: method: type: string enum: - pat description: The method used to authenticate with GitHub. credentials: anyOf: - type: object properties: personalAccessToken: type: string minLength: 1 instanceType: type: string enum: - server host: type: string minLength: 1 required: - personalAccessToken - instanceType - host additionalProperties: false - type: object properties: personalAccessToken: type: string minLength: 1 instanceType: type: string enum: - cloud host: type: string required: - personalAccessToken additionalProperties: false description: The credentials used to connect with GitHub. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the GitHub Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the GitHub Connection. projectId: type: string description: The ID of the project to create the GitHub Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for GitHub Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for GitHub Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GitHub Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - github-app credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string gitHubAppId: type: string format: uuid nullable: true additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (GitHub App) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - oauth credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - pat credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/github/available: get: operationId: listGitHubAvailableAppConnections tags: - App Connections description: List the GitHub Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list GitHub Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - github name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/github/{connectionId}: get: operationId: getGitHubAppConnection tags: - App Connections description: Get the specified GitHub Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GitHub Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - github-app credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string gitHubAppId: type: string format: uuid nullable: true additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (GitHub App) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - oauth credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - pat credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateGitHubAppConnection tags: - App Connections description: Update the specified GitHub Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: anyOf: - anyOf: - type: object properties: code: type: string minLength: 1 installationsToken: type: string minLength: 1 installationId: type: string minLength: 1 gitHubAppId: type: string format: uuid nullable: true instanceType: type: string enum: - server host: type: string minLength: 1 required: - installationId - instanceType - host additionalProperties: false - type: object properties: code: type: string minLength: 1 installationsToken: type: string minLength: 1 installationId: type: string minLength: 1 gitHubAppId: type: string format: uuid nullable: true instanceType: type: string enum: - cloud host: type: string required: - installationId additionalProperties: false - anyOf: - type: object properties: code: type: string minLength: 1 instanceType: type: string enum: - server host: type: string minLength: 1 required: - code - instanceType - host additionalProperties: false - type: object properties: code: type: string minLength: 1 instanceType: type: string enum: - cloud host: type: string required: - code additionalProperties: false - anyOf: - type: object properties: personalAccessToken: type: string minLength: 1 instanceType: type: string enum: - server host: type: string minLength: 1 required: - personalAccessToken - instanceType - host additionalProperties: false - type: object properties: personalAccessToken: type: string minLength: 1 instanceType: type: string enum: - cloud host: type: string required: - personalAccessToken additionalProperties: false description: The credentials used to connect with GitHub. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the GitHub Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the GitHub Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for GitHub Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for GitHub Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GitHub Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GitHub Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - github-app credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string gitHubAppId: type: string format: uuid nullable: true additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (GitHub App) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - oauth credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - pat credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteGitHubAppConnection tags: - App Connections description: Delete the specified GitHub Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GitHub Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - github-app credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string gitHubAppId: type: string format: uuid nullable: true additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (GitHub App) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - oauth credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - pat credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/github/connection-name/{connectionName}: get: operationId: getGitHubAppConnectionByName tags: - App Connections description: Get the specified GitHub Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the GitHub Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the GitHub Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - github-app credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string gitHubAppId: type: string format: uuid nullable: true additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (GitHub App) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - oauth credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - pat credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/github/{connectionId}/rotate-credentials: post: operationId: rotateGitHubAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified GitHub Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GitHub Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - github-app credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string gitHubAppId: type: string format: uuid nullable: true additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (GitHub App) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - oauth credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github method: type: string enum: - pat credentials: type: object properties: instanceType: anyOf: - type: string enum: - server - type: string enum: - cloud host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/github-radar: get: operationId: listGitHubRadarAppConnections tags: - App Connections description: List the GitHub Radar Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list GitHub Radar Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github-radar method: type: string enum: - github-app credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub Radar (GitHub App) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createGitHubRadarAppConnection tags: - App Connections description: Create a GitHub Radar Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - github-app description: The method used to authenticate with GitHub Radar. credentials: type: object properties: code: type: string minLength: 1 installationId: type: string minLength: 1 required: - code - installationId additionalProperties: false description: The credentials used to connect with GitHub Radar. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the GitHub Radar Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the GitHub Radar Connection. projectId: type: string description: The ID of the project to create the GitHub Radar Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for GitHub Radar Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GitHub Radar Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GitHub Radar Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for GitHub Radar Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GitHub Radar Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github-radar method: type: string enum: - github-app credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub Radar (GitHub App) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/github-radar/available: get: operationId: listGitHubRadarAvailableAppConnections tags: - App Connections description: List the GitHub Radar Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list GitHub Radar Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - github-radar name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/github-radar/{connectionId}: get: operationId: getGitHubRadarAppConnection tags: - App Connections description: Get the specified GitHub Radar Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GitHub Radar Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github-radar method: type: string enum: - github-app credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub Radar (GitHub App) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateGitHubRadarAppConnection tags: - App Connections description: Update the specified GitHub Radar Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: code: type: string minLength: 1 installationId: type: string minLength: 1 required: - code - installationId additionalProperties: false description: The credentials used to connect with GitHub Radar. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the GitHub Radar Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the GitHub Radar Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for GitHub Radar Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GitHub Radar Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GitHub Radar Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for GitHub Radar Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GitHub Radar Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GitHub Radar Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github-radar method: type: string enum: - github-app credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub Radar (GitHub App) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteGitHubRadarAppConnection tags: - App Connections description: Delete the specified GitHub Radar Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GitHub Radar Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github-radar method: type: string enum: - github-app credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub Radar (GitHub App) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/github-radar/connection-name/{connectionName}: get: operationId: getGitHubRadarAppConnectionByName tags: - App Connections description: Get the specified GitHub Radar Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the GitHub Radar Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the GitHub Radar Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github-radar method: type: string enum: - github-app credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub Radar (GitHub App) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/github-radar/{connectionId}/rotate-credentials: post: operationId: rotateGitHubRadarAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified GitHub Radar Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GitHub Radar Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - github-radar method: type: string enum: - github-app credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitHub Radar (GitHub App) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/gcp: get: operationId: listGcpAppConnections tags: - App Connections description: List the GCP Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list GCP Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gcp method: type: string enum: - service-account-impersonation credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GCP (Service Account Impersonation) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createGcpAppConnection tags: - App Connections description: Create a GCP Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - service-account-impersonation description: The method used to authenticate with GCP. credentials: type: object properties: serviceAccountEmail: type: string format: email minLength: 1 required: - serviceAccountEmail additionalProperties: false description: The credentials used to connect with GCP. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the GCP Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the GCP Connection. projectId: type: string description: The ID of the project to create the GCP Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for GCP Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GCP Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GCP Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for GCP Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GCP Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gcp method: type: string enum: - service-account-impersonation credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GCP (Service Account Impersonation) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/gcp/available: get: operationId: listGcpAvailableAppConnections tags: - App Connections description: List the GCP Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list GCP Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - gcp name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/gcp/{connectionId}: get: operationId: getGcpAppConnection tags: - App Connections description: Get the specified GCP Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GCP Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gcp method: type: string enum: - service-account-impersonation credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GCP (Service Account Impersonation) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateGcpAppConnection tags: - App Connections description: Update the specified GCP Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: serviceAccountEmail: type: string format: email minLength: 1 required: - serviceAccountEmail additionalProperties: false description: The credentials used to connect with GCP. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the GCP Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the GCP Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for GCP Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GCP Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GCP Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for GCP Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GCP Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GCP Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gcp method: type: string enum: - service-account-impersonation credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GCP (Service Account Impersonation) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteGcpAppConnection tags: - App Connections description: Delete the specified GCP Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GCP Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gcp method: type: string enum: - service-account-impersonation credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GCP (Service Account Impersonation) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/gcp/connection-name/{connectionName}: get: operationId: getGcpAppConnectionByName tags: - App Connections description: Get the specified GCP Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the GCP Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the GCP Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gcp method: type: string enum: - service-account-impersonation credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GCP (Service Account Impersonation) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/gcp/{connectionId}/rotate-credentials: post: operationId: rotateGcpAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified GCP Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GCP Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gcp method: type: string enum: - service-account-impersonation credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GCP (Service Account Impersonation) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-key-vault: get: operationId: listAzureKeyVaultAppConnections tags: - App Connections description: List the Azure Key Vault Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Azure Key Vault Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - certificate credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (Certificate) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAzureKeyVaultAppConnection tags: - App Connections description: Create an Azure Key Vault Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - oauth description: The method used to authenticate with Azure Key Vault. credentials: type: object properties: code: type: string minLength: 1 tenantId: type: string required: - code additionalProperties: false description: The credentials used to connect with Azure Key Vault. required: - method - credentials additionalProperties: false - type: object properties: method: type: string enum: - client-secret description: The method used to authenticate with Azure Key Vault. credentials: type: object properties: clientId: type: string format: uuid minLength: 1 maxLength: 50 clientSecret: type: string minLength: 1 maxLength: 50 tenantId: type: string format: uuid minLength: 1 clientSecretKeyId: type: string format: uuid description: The Key ID of the client secret in Azure AD. Required when enabling credential rotation so the original secret can be revoked. required: - clientId - clientSecret - tenantId additionalProperties: false description: The credentials used to connect with Azure Key Vault. required: - method - credentials additionalProperties: false - type: object properties: method: type: string enum: - certificate description: The method used to authenticate with Azure Key Vault. credentials: type: object properties: tenantId: type: string format: uuid minLength: 1 clientId: type: string format: uuid minLength: 1 certificateBody: type: string minLength: 1 privateKey: type: string minLength: 1 required: - tenantId - clientId - certificateBody - privateKey additionalProperties: false description: The credentials used to connect with Azure Key Vault. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Azure Key Vault Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Azure Key Vault Connection. projectId: type: string description: The ID of the project to create the Azure Key Vault Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Azure Key Vault Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean description: Whether or not automatic credential rotation is enabled for the Azure Key Vault Connection. rotation: type: object properties: rotationInterval: type: integer minimum: 1 maximum: 365 description: The interval in days between credential rotations. rotateAtUtc: type: object properties: hours: type: integer minimum: 0 maximum: 23 description: The hour (0-23) at which to rotate (UTC timezone). minutes: type: integer minimum: 0 maximum: 59 description: The minute (0-59) at which to rotate (UTC timezone). required: - hours - minutes additionalProperties: false required: - rotationInterval - rotateAtUtc additionalProperties: false description: The credential rotation configuration for the Azure Key Vault Connection. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - certificate credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-key-vault/available: get: operationId: listAzureKeyVaultAvailableAppConnections tags: - App Connections description: List the Azure Key Vault Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Azure Key Vault Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - azure-key-vault name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-key-vault/{connectionId}: get: operationId: getAzureKeyVaultAppConnection tags: - App Connections description: Get the specified Azure Key Vault Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure Key Vault Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - certificate credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAzureKeyVaultAppConnection tags: - App Connections description: Update the specified Azure Key Vault Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: anyOf: - type: object properties: code: type: string minLength: 1 tenantId: type: string required: - code additionalProperties: false - type: object properties: clientId: type: string format: uuid minLength: 1 maxLength: 50 clientSecret: type: string minLength: 1 maxLength: 50 tenantId: type: string format: uuid minLength: 1 clientSecretKeyId: type: string format: uuid description: The Key ID of the client secret in Azure AD. Required when enabling credential rotation so the original secret can be revoked. required: - clientId - clientSecret - tenantId additionalProperties: false - type: object properties: tenantId: type: string format: uuid minLength: 1 clientId: type: string format: uuid minLength: 1 certificateBody: type: string minLength: 1 privateKey: type: string minLength: 1 required: - tenantId - clientId - certificateBody - privateKey additionalProperties: false description: The credentials used to connect with Azure Key Vault. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Azure Key Vault Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Azure Key Vault Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Azure Key Vault Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean description: Whether or not automatic credential rotation is enabled for the Azure Key Vault Connection. rotation: type: object properties: rotationInterval: type: integer minimum: 1 maximum: 365 description: The interval in days between credential rotations. rotateAtUtc: type: object properties: hours: type: integer minimum: 0 maximum: 23 description: The hour (0-23) at which to rotate (UTC timezone). minutes: type: integer minimum: 0 maximum: 59 description: The minute (0-59) at which to rotate (UTC timezone). required: - hours - minutes additionalProperties: false additionalProperties: false description: The updated credential rotation configuration for the Azure Key Vault Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure Key Vault Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - certificate credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAzureKeyVaultAppConnection tags: - App Connections description: Delete the specified Azure Key Vault Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure Key Vault Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - certificate credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-key-vault/connection-name/{connectionName}: get: operationId: getAzureKeyVaultAppConnectionByName tags: - App Connections description: Get the specified Azure Key Vault Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Azure Key Vault Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Azure Key Vault Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - certificate credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-key-vault/{connectionId}/rotate-credentials: post: operationId: rotateAzureKeyVaultAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Azure Key Vault Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure Key Vault Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-key-vault method: type: string enum: - certificate credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Key Vault (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-app-configuration: get: operationId: listAzureAppConfigurationAppConnections tags: - App Connections description: List the Azure App Configuration Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Azure App Configuration Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-app-configuration method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure App Configuration (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-app-configuration method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure App Configuration (Client Secret) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAzureAppConfigurationAppConnection tags: - App Connections description: Create an Azure App Configuration Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - oauth description: The method used to authenticate with Azure App Configuration. credentials: type: object properties: code: type: string minLength: 1 tenantId: type: string required: - code additionalProperties: false description: The credentials used to connect with Azure App Configuration. required: - method - credentials additionalProperties: false - type: object properties: method: type: string enum: - client-secret description: The method used to authenticate with Azure App Configuration. credentials: type: object properties: clientId: type: string format: uuid minLength: 1 maxLength: 50 clientSecret: type: string minLength: 1 maxLength: 50 tenantId: type: string format: uuid minLength: 1 required: - clientId - clientSecret - tenantId additionalProperties: false description: The credentials used to connect with Azure App Configuration. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Azure App Configuration Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Azure App Configuration Connection. projectId: type: string description: The ID of the project to create the Azure App Configuration Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Azure App Configuration Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure App Configuration Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure App Configuration Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Azure App Configuration Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure App Configuration Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-app-configuration method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure App Configuration (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-app-configuration method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure App Configuration (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-app-configuration/available: get: operationId: listAzureAppConfigurationAvailableAppConnections tags: - App Connections description: List the Azure App Configuration Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Azure App Configuration Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - azure-app-configuration name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-app-configuration/{connectionId}: get: operationId: getAzureAppConfigurationAppConnection tags: - App Connections description: Get the specified Azure App Configuration Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure App Configuration Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-app-configuration method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure App Configuration (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-app-configuration method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure App Configuration (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAzureAppConfigurationAppConnection tags: - App Connections description: Update the specified Azure App Configuration Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: anyOf: - type: object properties: code: type: string minLength: 1 tenantId: type: string required: - code additionalProperties: false - type: object properties: clientId: type: string format: uuid minLength: 1 maxLength: 50 clientSecret: type: string minLength: 1 maxLength: 50 tenantId: type: string format: uuid minLength: 1 required: - clientId - clientSecret - tenantId additionalProperties: false description: The credentials used to connect with Azure App Configuration. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Azure App Configuration Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Azure App Configuration Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Azure App Configuration Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure App Configuration Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure App Configuration Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Azure App Configuration Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure App Configuration Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure App Configuration Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-app-configuration method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure App Configuration (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-app-configuration method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure App Configuration (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAzureAppConfigurationAppConnection tags: - App Connections description: Delete the specified Azure App Configuration Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure App Configuration Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-app-configuration method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure App Configuration (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-app-configuration method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure App Configuration (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-app-configuration/connection-name/{connectionName}: get: operationId: getAzureAppConfigurationAppConnectionByName tags: - App Connections description: Get the specified Azure App Configuration Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Azure App Configuration Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Azure App Configuration Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-app-configuration method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure App Configuration (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-app-configuration method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure App Configuration (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-app-configuration/{connectionId}/rotate-credentials: post: operationId: rotateAzureAppConfigurationAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Azure App Configuration Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure App Configuration Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-app-configuration method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure App Configuration (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-app-configuration method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure App Configuration (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-client-secrets: get: operationId: listAzureClientSecretsAppConnections tags: - App Connections description: List the Azure Client Secrets Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Azure Client Secrets Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string required: - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - certificate credentials: type: object properties: tenantId: type: string clientId: type: string required: - tenantId - clientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (Certificate) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAzureClientSecretsAppConnection tags: - App Connections description: Create an Azure Client Secrets Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - oauth description: The method used to authenticate with Azure Client Secrets. credentials: type: object properties: code: type: string minLength: 1 description: The OAuth code to use to connect with Azure Client Secrets. tenantId: type: string minLength: 1 description: The Tenant ID to use to connect with Azure Client Secrets. required: - code - tenantId additionalProperties: false description: The credentials used to connect with Azure Client Secrets. required: - method - credentials additionalProperties: false - type: object properties: method: type: string enum: - client-secret description: The method used to authenticate with Azure Client Secrets. credentials: type: object properties: clientId: type: string format: uuid minLength: 1 maxLength: 50 description: The Client ID to use to connect with Azure Client Secrets. clientSecret: type: string minLength: 1 maxLength: 50 description: The Client Secret to use to connect with Azure Client Secrets. tenantId: type: string format: uuid minLength: 1 description: The Tenant ID to use to connect with Azure Client Secrets. clientSecretKeyId: type: string format: uuid description: The Key ID of the client secret in Azure AD. Required when enabling credential rotation so the original secret can be revoked. required: - clientId - clientSecret - tenantId additionalProperties: false description: The credentials used to connect with Azure Client Secrets. required: - method - credentials additionalProperties: false - type: object properties: method: type: string enum: - certificate description: The method used to authenticate with Azure Client Secrets. credentials: type: object properties: tenantId: type: string format: uuid minLength: 1 description: The Tenant ID to use to connect with Azure Client Secrets. clientId: type: string format: uuid minLength: 1 description: The Client ID to use to connect with Azure Client Secrets. certificateBody: type: string minLength: 1 description: The certificate body in PEM format to use to connect with Azure Client Secrets. privateKey: type: string minLength: 1 description: The private key to use to connect with Azure Client Secrets. This is never transmitted to Azure and is only used to sign the Azure client assertion with. required: - tenantId - clientId - certificateBody - privateKey additionalProperties: false description: The credentials used to connect with Azure Client Secrets. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Azure Client Secrets Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Azure Client Secrets Connection. projectId: type: string description: The ID of the project to create the Azure Client Secrets Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Azure Client Secrets Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure Client Secrets Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure Client Secrets Connections. isAutoRotationEnabled: type: boolean description: Whether or not automatic credential rotation is enabled for the Azure Client Secrets Connection. rotation: type: object properties: rotationInterval: type: integer minimum: 1 maximum: 365 description: The interval in days between credential rotations. rotateAtUtc: type: object properties: hours: type: integer minimum: 0 maximum: 23 description: The hour (0-23) at which to rotate (UTC timezone). minutes: type: integer minimum: 0 maximum: 59 description: The minute (0-59) at which to rotate (UTC timezone). required: - hours - minutes additionalProperties: false required: - rotationInterval - rotateAtUtc additionalProperties: false description: The credential rotation configuration for the Azure Client Secrets Connection. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string required: - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - certificate credentials: type: object properties: tenantId: type: string clientId: type: string required: - tenantId - clientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-client-secrets/available: get: operationId: listAzureClientSecretsAvailableAppConnections tags: - App Connections description: List the Azure Client Secrets Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Azure Client Secrets Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - azure-client-secrets name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-client-secrets/{connectionId}: get: operationId: getAzureClientSecretsAppConnection tags: - App Connections description: Get the specified Azure Client Secrets Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure Client Secrets Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string required: - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - certificate credentials: type: object properties: tenantId: type: string clientId: type: string required: - tenantId - clientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAzureClientSecretsAppConnection tags: - App Connections description: Update the specified Azure Client Secrets Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: anyOf: - type: object properties: code: type: string minLength: 1 description: The OAuth code to use to connect with Azure Client Secrets. tenantId: type: string minLength: 1 description: The Tenant ID to use to connect with Azure Client Secrets. required: - code - tenantId additionalProperties: false - type: object properties: clientId: type: string format: uuid minLength: 1 maxLength: 50 description: The Client ID to use to connect with Azure Client Secrets. clientSecret: type: string minLength: 1 maxLength: 50 description: The Client Secret to use to connect with Azure Client Secrets. tenantId: type: string format: uuid minLength: 1 description: The Tenant ID to use to connect with Azure Client Secrets. clientSecretKeyId: type: string format: uuid description: The Key ID of the client secret in Azure AD. Required when enabling credential rotation so the original secret can be revoked. required: - clientId - clientSecret - tenantId additionalProperties: false - type: object properties: tenantId: type: string format: uuid minLength: 1 description: The Tenant ID to use to connect with Azure Client Secrets. clientId: type: string format: uuid minLength: 1 description: The Client ID to use to connect with Azure Client Secrets. certificateBody: type: string minLength: 1 description: The certificate body in PEM format to use to connect with Azure Client Secrets. privateKey: type: string minLength: 1 description: The private key to use to connect with Azure Client Secrets. This is never transmitted to Azure and is only used to sign the Azure client assertion with. required: - tenantId - clientId - certificateBody - privateKey additionalProperties: false description: The credentials used to connect with Azure Client Secrets. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Azure Client Secrets Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Azure Client Secrets Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Azure Client Secrets Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure Client Secrets Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure Client Secrets Connections. isAutoRotationEnabled: type: boolean description: Whether or not automatic credential rotation is enabled for the Azure Client Secrets Connection. rotation: type: object properties: rotationInterval: type: integer minimum: 1 maximum: 365 description: The interval in days between credential rotations. rotateAtUtc: type: object properties: hours: type: integer minimum: 0 maximum: 23 description: The hour (0-23) at which to rotate (UTC timezone). minutes: type: integer minimum: 0 maximum: 59 description: The minute (0-59) at which to rotate (UTC timezone). required: - hours - minutes additionalProperties: false additionalProperties: false description: The updated credential rotation configuration for the Azure Client Secrets Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure Client Secrets Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string required: - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - certificate credentials: type: object properties: tenantId: type: string clientId: type: string required: - tenantId - clientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAzureClientSecretsAppConnection tags: - App Connections description: Delete the specified Azure Client Secrets Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure Client Secrets Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string required: - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - certificate credentials: type: object properties: tenantId: type: string clientId: type: string required: - tenantId - clientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-client-secrets/connection-name/{connectionName}: get: operationId: getAzureClientSecretsAppConnectionByName tags: - App Connections description: Get the specified Azure Client Secrets Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Azure Client Secrets Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Azure Client Secrets Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string required: - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - certificate credentials: type: object properties: tenantId: type: string clientId: type: string required: - tenantId - clientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-client-secrets/{connectionId}/rotate-credentials: post: operationId: rotateAzureClientSecretsAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Azure Client Secrets Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure Client Secrets Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string required: - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (Client Secret) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-client-secrets method: type: string enum: - certificate credentials: type: object properties: tenantId: type: string clientId: type: string required: - tenantId - clientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Client Secrets (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-devops: get: operationId: listAzureDevopsAppConnections tags: - App Connections description: List the Azure DevOps Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Azure DevOps Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string orgName: type: string required: - tenantId - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - access-token credentials: type: object properties: orgName: type: string required: - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string orgName: type: string required: - clientId - tenantId - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (Client Secret) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAzureDevopsAppConnection tags: - App Connections description: Create an Azure DevOps Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - oauth description: The method used to authenticate with Azure DevOps. credentials: type: object properties: code: type: string minLength: 1 description: The OAuth code to use to connect with Azure DevOps. tenantId: type: string minLength: 1 description: The Tenant ID to use to connect with Azure DevOps. orgName: type: string minLength: 1 description: The Organization name to use to connect with Azure DevOps. required: - code - tenantId - orgName additionalProperties: false description: The credentials used to connect with Azure DevOps. required: - method - credentials additionalProperties: false - type: object properties: method: type: string enum: - access-token description: The method used to authenticate with Azure DevOps. credentials: type: object properties: accessToken: type: string minLength: 1 orgName: type: string minLength: 1 required: - accessToken - orgName additionalProperties: false description: The credentials used to connect with Azure DevOps. required: - method - credentials additionalProperties: false - type: object properties: method: type: string enum: - client-secret description: The method used to authenticate with Azure DevOps. credentials: type: object properties: clientId: type: string format: uuid minLength: 1 maxLength: 50 description: The Client ID to use to connect with Azure Client Secrets. clientSecret: type: string minLength: 1 maxLength: 50 description: The Client Secret to use to connect with Azure Client Secrets. tenantId: type: string format: uuid minLength: 1 description: The Tenant ID to use to connect with Azure DevOps. orgName: type: string minLength: 1 description: The Organization name to use to connect with Azure DevOps. required: - clientId - clientSecret - tenantId - orgName additionalProperties: false description: The credentials used to connect with Azure DevOps. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Azure DevOps Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Azure DevOps Connection. projectId: type: string description: The ID of the project to create the Azure DevOps Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Azure DevOps Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure DevOps Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure DevOps Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Azure DevOps Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure DevOps Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string orgName: type: string required: - tenantId - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - access-token credentials: type: object properties: orgName: type: string required: - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string orgName: type: string required: - clientId - tenantId - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-devops/available: get: operationId: listAzureDevopsAvailableAppConnections tags: - App Connections description: List the Azure DevOps Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Azure DevOps Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - azure-devops name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-devops/{connectionId}: get: operationId: getAzureDevopsAppConnection tags: - App Connections description: Get the specified Azure DevOps Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure DevOps Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string orgName: type: string required: - tenantId - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - access-token credentials: type: object properties: orgName: type: string required: - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string orgName: type: string required: - clientId - tenantId - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAzureDevopsAppConnection tags: - App Connections description: Update the specified Azure DevOps Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: anyOf: - type: object properties: code: type: string minLength: 1 description: The OAuth code to use to connect with Azure DevOps. tenantId: type: string minLength: 1 description: The Tenant ID to use to connect with Azure DevOps. orgName: type: string minLength: 1 description: The Organization name to use to connect with Azure DevOps. required: - code - tenantId - orgName additionalProperties: false - type: object properties: accessToken: type: string minLength: 1 orgName: type: string minLength: 1 required: - accessToken - orgName additionalProperties: false - type: object properties: clientId: type: string format: uuid minLength: 1 maxLength: 50 description: The Client ID to use to connect with Azure Client Secrets. clientSecret: type: string minLength: 1 maxLength: 50 description: The Client Secret to use to connect with Azure Client Secrets. tenantId: type: string format: uuid minLength: 1 description: The Tenant ID to use to connect with Azure DevOps. orgName: type: string minLength: 1 description: The Organization name to use to connect with Azure DevOps. required: - clientId - clientSecret - tenantId - orgName additionalProperties: false description: The credentials used to connect with Azure DevOps. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Azure DevOps Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Azure DevOps Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Azure DevOps Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure DevOps Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure DevOps Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Azure DevOps Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure DevOps Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure DevOps Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string orgName: type: string required: - tenantId - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - access-token credentials: type: object properties: orgName: type: string required: - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string orgName: type: string required: - clientId - tenantId - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAzureDevopsAppConnection tags: - App Connections description: Delete the specified Azure DevOps Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure DevOps Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string orgName: type: string required: - tenantId - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - access-token credentials: type: object properties: orgName: type: string required: - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string orgName: type: string required: - clientId - tenantId - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-devops/connection-name/{connectionName}: get: operationId: getAzureDevopsAppConnectionByName tags: - App Connections description: Get the specified Azure DevOps Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Azure DevOps Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Azure DevOps Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string orgName: type: string required: - tenantId - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - access-token credentials: type: object properties: orgName: type: string required: - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string orgName: type: string required: - clientId - tenantId - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-devops/{connectionId}/rotate-credentials: post: operationId: rotateAzureDevopsAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Azure DevOps Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure DevOps Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - oauth credentials: type: object properties: tenantId: type: string orgName: type: string required: - tenantId - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (OAuth) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - access-token credentials: type: object properties: orgName: type: string required: - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-devops method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string orgName: type: string required: - clientId - tenantId - orgName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DevOps (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-adcs: get: operationId: listAzureAdcsAppConnections tags: - App Connections description: List the Azure ADCS Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Azure ADCS Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-adcs method: type: string enum: - username-password credentials: type: object properties: username: type: string minLength: 1 maxLength: 255 description: 'The username used to access Azure ADCS (format: ''DOMAIN\username'' or ''username@domain.com'').' adcsUrl: type: string minLength: 1 maxLength: 255 description: The HTTPS URL of the Azure ADCS instance to connect with (e.g., 'https://adcs.yourdomain.com/certsrv'). sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false). Set to false only in test environments with self-signed certificates. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection. required: - username - adcsUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure ADCS (Username and Password) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAzureAdcsAppConnection tags: - App Connections description: Create an Azure ADCS Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - username-password description: The method used to authenticate with Azure ADCS. credentials: type: object properties: adcsUrl: type: string minLength: 1 maxLength: 255 description: The HTTPS URL of the Azure ADCS instance to connect with (e.g., 'https://adcs.yourdomain.com/certsrv'). username: type: string minLength: 1 maxLength: 255 description: 'The username used to access Azure ADCS (format: ''DOMAIN\username'' or ''username@domain.com'').' password: type: string minLength: 1 maxLength: 255 description: The password used to access Azure ADCS. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false). Set to false only in test environments with self-signed certificates. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection. required: - adcsUrl - username - password additionalProperties: false description: The credentials used to connect with Azure ADCS. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Azure ADCS Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Azure ADCS Connection. projectId: type: string description: The ID of the project to create the Azure ADCS Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Azure ADCS Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure ADCS Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure ADCS Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Azure ADCS Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure ADCS Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-adcs method: type: string enum: - username-password credentials: type: object properties: username: type: string minLength: 1 maxLength: 255 description: 'The username used to access Azure ADCS (format: ''DOMAIN\username'' or ''username@domain.com'').' adcsUrl: type: string minLength: 1 maxLength: 255 description: The HTTPS URL of the Azure ADCS instance to connect with (e.g., 'https://adcs.yourdomain.com/certsrv'). sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false). Set to false only in test environments with self-signed certificates. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection. required: - username - adcsUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure ADCS (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-adcs/available: get: operationId: listAzureAdcsAvailableAppConnections tags: - App Connections description: List the Azure ADCS Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Azure ADCS Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - azure-adcs name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-adcs/{connectionId}: get: operationId: getAzureAdcsAppConnection tags: - App Connections description: Get the specified Azure ADCS Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure ADCS Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-adcs method: type: string enum: - username-password credentials: type: object properties: username: type: string minLength: 1 maxLength: 255 description: 'The username used to access Azure ADCS (format: ''DOMAIN\username'' or ''username@domain.com'').' adcsUrl: type: string minLength: 1 maxLength: 255 description: The HTTPS URL of the Azure ADCS instance to connect with (e.g., 'https://adcs.yourdomain.com/certsrv'). sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false). Set to false only in test environments with self-signed certificates. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection. required: - username - adcsUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure ADCS (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAzureAdcsAppConnection tags: - App Connections description: Update the specified Azure ADCS Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: adcsUrl: type: string minLength: 1 maxLength: 255 description: The HTTPS URL of the Azure ADCS instance to connect with (e.g., 'https://adcs.yourdomain.com/certsrv'). username: type: string minLength: 1 maxLength: 255 description: 'The username used to access Azure ADCS (format: ''DOMAIN\username'' or ''username@domain.com'').' password: type: string minLength: 1 maxLength: 255 description: The password used to access Azure ADCS. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false). Set to false only in test environments with self-signed certificates. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection. required: - adcsUrl - username - password additionalProperties: false description: The credentials used to connect with Azure ADCS. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Azure ADCS Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Azure ADCS Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Azure ADCS Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure ADCS Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure ADCS Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Azure ADCS Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure ADCS Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure ADCS Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-adcs method: type: string enum: - username-password credentials: type: object properties: username: type: string minLength: 1 maxLength: 255 description: 'The username used to access Azure ADCS (format: ''DOMAIN\username'' or ''username@domain.com'').' adcsUrl: type: string minLength: 1 maxLength: 255 description: The HTTPS URL of the Azure ADCS instance to connect with (e.g., 'https://adcs.yourdomain.com/certsrv'). sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false). Set to false only in test environments with self-signed certificates. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection. required: - username - adcsUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure ADCS (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAzureAdcsAppConnection tags: - App Connections description: Delete the specified Azure ADCS Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure ADCS Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-adcs method: type: string enum: - username-password credentials: type: object properties: username: type: string minLength: 1 maxLength: 255 description: 'The username used to access Azure ADCS (format: ''DOMAIN\username'' or ''username@domain.com'').' adcsUrl: type: string minLength: 1 maxLength: 255 description: The HTTPS URL of the Azure ADCS instance to connect with (e.g., 'https://adcs.yourdomain.com/certsrv'). sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false). Set to false only in test environments with self-signed certificates. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection. required: - username - adcsUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure ADCS (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-adcs/connection-name/{connectionName}: get: operationId: getAzureAdcsAppConnectionByName tags: - App Connections description: Get the specified Azure ADCS Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Azure ADCS Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Azure ADCS Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-adcs method: type: string enum: - username-password credentials: type: object properties: username: type: string minLength: 1 maxLength: 255 description: 'The username used to access Azure ADCS (format: ''DOMAIN\username'' or ''username@domain.com'').' adcsUrl: type: string minLength: 1 maxLength: 255 description: The HTTPS URL of the Azure ADCS instance to connect with (e.g., 'https://adcs.yourdomain.com/certsrv'). sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false). Set to false only in test environments with self-signed certificates. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection. required: - username - adcsUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure ADCS (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-adcs/{connectionId}/rotate-credentials: post: operationId: rotateAzureAdcsAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Azure ADCS Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure ADCS Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-adcs method: type: string enum: - username-password credentials: type: object properties: username: type: string minLength: 1 maxLength: 255 description: 'The username used to access Azure ADCS (format: ''DOMAIN\username'' or ''username@domain.com'').' adcsUrl: type: string minLength: 1 maxLength: 255 description: The HTTPS URL of the Azure ADCS instance to connect with (e.g., 'https://adcs.yourdomain.com/certsrv'). sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false). Set to false only in test environments with self-signed certificates. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection. required: - username - adcsUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure ADCS (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-dns: get: operationId: listAzureDnsAppConnections tags: - App Connections description: List the Azure DNS Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Azure DNS Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-dns method: type: string enum: - client-secret credentials: type: object properties: tenantId: type: string description: Tenant ID must be a valid GUID subscriptionId: type: string description: Subscription ID must be a valid GUID required: - tenantId - subscriptionId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DNS (Client Secret) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAzureDnsAppConnection tags: - App Connections description: Create an Azure DNS Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - client-secret description: The method used to authenticate with Azure DNS. credentials: type: object properties: tenantId: type: string description: Tenant ID must be a valid GUID clientId: type: string description: Client ID must be a valid GUID clientSecret: type: string minLength: 1 maxLength: 256 subscriptionId: type: string description: Subscription ID must be a valid GUID required: - tenantId - clientId - clientSecret - subscriptionId additionalProperties: false description: The credentials used to connect with Azure DNS. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Azure DNS Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Azure DNS Connection. projectId: type: string description: The ID of the project to create the Azure DNS Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Azure DNS Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure DNS Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure DNS Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Azure DNS Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure DNS Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-dns method: type: string enum: - client-secret credentials: type: object properties: tenantId: type: string description: Tenant ID must be a valid GUID subscriptionId: type: string description: Subscription ID must be a valid GUID required: - tenantId - subscriptionId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DNS (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-dns/available: get: operationId: listAzureDnsAvailableAppConnections tags: - App Connections description: List the Azure DNS Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Azure DNS Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - azure-dns name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-dns/{connectionId}: get: operationId: getAzureDnsAppConnection tags: - App Connections description: Get the specified Azure DNS Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure DNS Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-dns method: type: string enum: - client-secret credentials: type: object properties: tenantId: type: string description: Tenant ID must be a valid GUID subscriptionId: type: string description: Subscription ID must be a valid GUID required: - tenantId - subscriptionId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DNS (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAzureDnsAppConnection tags: - App Connections description: Update the specified Azure DNS Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: tenantId: type: string description: Tenant ID must be a valid GUID clientId: type: string description: Client ID must be a valid GUID clientSecret: type: string minLength: 1 maxLength: 256 subscriptionId: type: string description: Subscription ID must be a valid GUID required: - tenantId - clientId - clientSecret - subscriptionId additionalProperties: false description: The credentials used to connect with Azure DNS. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Azure DNS Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Azure DNS Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Azure DNS Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure DNS Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure DNS Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Azure DNS Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure DNS Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure DNS Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-dns method: type: string enum: - client-secret credentials: type: object properties: tenantId: type: string description: Tenant ID must be a valid GUID subscriptionId: type: string description: Subscription ID must be a valid GUID required: - tenantId - subscriptionId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DNS (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAzureDnsAppConnection tags: - App Connections description: Delete the specified Azure DNS Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure DNS Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-dns method: type: string enum: - client-secret credentials: type: object properties: tenantId: type: string description: Tenant ID must be a valid GUID subscriptionId: type: string description: Subscription ID must be a valid GUID required: - tenantId - subscriptionId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DNS (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-dns/connection-name/{connectionName}: get: operationId: getAzureDnsAppConnectionByName tags: - App Connections description: Get the specified Azure DNS Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Azure DNS Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Azure DNS Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-dns method: type: string enum: - client-secret credentials: type: object properties: tenantId: type: string description: Tenant ID must be a valid GUID subscriptionId: type: string description: Subscription ID must be a valid GUID required: - tenantId - subscriptionId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DNS (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-dns/{connectionId}/rotate-credentials: post: operationId: rotateAzureDnsAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Azure DNS Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure DNS Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-dns method: type: string enum: - client-secret credentials: type: object properties: tenantId: type: string description: Tenant ID must be a valid GUID subscriptionId: type: string description: Subscription ID must be a valid GUID required: - tenantId - subscriptionId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure DNS (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/databricks: get: operationId: listDatabricksAppConnections tags: - App Connections description: List the Databricks Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Databricks Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - databricks method: type: string enum: - service-principal credentials: type: object properties: clientId: type: string minLength: 1 workspaceUrl: type: string format: uri minLength: 1 required: - clientId - workspaceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Databricks (Service Principal) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createDatabricksAppConnection tags: - App Connections description: Create a Databricks Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - service-principal description: The method used to authenticate with Databricks. credentials: type: object properties: clientId: type: string minLength: 1 clientSecret: type: string minLength: 1 workspaceUrl: type: string format: uri minLength: 1 required: - clientId - clientSecret - workspaceUrl additionalProperties: false description: The credentials used to connect with Databricks. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Databricks Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Databricks Connection. projectId: type: string description: The ID of the project to create the Databricks Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Databricks Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Databricks Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Databricks Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Databricks Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Databricks Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - databricks method: type: string enum: - service-principal credentials: type: object properties: clientId: type: string minLength: 1 workspaceUrl: type: string format: uri minLength: 1 required: - clientId - workspaceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Databricks (Service Principal) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/databricks/available: get: operationId: listDatabricksAvailableAppConnections tags: - App Connections description: List the Databricks Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Databricks Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/databricks/{connectionId}: get: operationId: getDatabricksAppConnection tags: - App Connections description: Get the specified Databricks Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Databricks Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - databricks method: type: string enum: - service-principal credentials: type: object properties: clientId: type: string minLength: 1 workspaceUrl: type: string format: uri minLength: 1 required: - clientId - workspaceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Databricks (Service Principal) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateDatabricksAppConnection tags: - App Connections description: Update the specified Databricks Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: clientId: type: string minLength: 1 clientSecret: type: string minLength: 1 workspaceUrl: type: string format: uri minLength: 1 required: - clientId - clientSecret - workspaceUrl additionalProperties: false description: The credentials used to connect with Databricks. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Databricks Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Databricks Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Databricks Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Databricks Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Databricks Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Databricks Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Databricks Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Databricks Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - databricks method: type: string enum: - service-principal credentials: type: object properties: clientId: type: string minLength: 1 workspaceUrl: type: string format: uri minLength: 1 required: - clientId - workspaceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Databricks (Service Principal) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteDatabricksAppConnection tags: - App Connections description: Delete the specified Databricks Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Databricks Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - databricks method: type: string enum: - service-principal credentials: type: object properties: clientId: type: string minLength: 1 workspaceUrl: type: string format: uri minLength: 1 required: - clientId - workspaceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Databricks (Service Principal) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/databricks/connection-name/{connectionName}: get: operationId: getDatabricksAppConnectionByName tags: - App Connections description: Get the specified Databricks Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Databricks Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Databricks Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - databricks method: type: string enum: - service-principal credentials: type: object properties: clientId: type: string minLength: 1 workspaceUrl: type: string format: uri minLength: 1 required: - clientId - workspaceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Databricks (Service Principal) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/databricks/{connectionId}/rotate-credentials: post: operationId: rotateDatabricksAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Databricks Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Databricks Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - databricks method: type: string enum: - service-principal credentials: type: object properties: clientId: type: string minLength: 1 workspaceUrl: type: string format: uri minLength: 1 required: - clientId - workspaceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Databricks (Service Principal) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/humanitec: get: operationId: listHumanitecAppConnections tags: - App Connections description: List the Humanitec Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Humanitec Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - humanitec method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Humanitec (API Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createHumanitecAppConnection tags: - App Connections description: Create a Humanitec Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-token description: The method used to authenticate with Humanitec. credentials: type: object properties: apiToken: type: string minLength: 1 required: - apiToken additionalProperties: false description: The credentials used to connect with Humanitec. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Humanitec Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Humanitec Connection. projectId: type: string description: The ID of the project to create the Humanitec Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Humanitec Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Humanitec Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Humanitec Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Humanitec Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Humanitec Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - humanitec method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Humanitec (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/humanitec/available: get: operationId: listHumanitecAvailableAppConnections tags: - App Connections description: List the Humanitec Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Humanitec Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - humanitec name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/humanitec/{connectionId}: get: operationId: getHumanitecAppConnection tags: - App Connections description: Get the specified Humanitec Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Humanitec Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - humanitec method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Humanitec (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateHumanitecAppConnection tags: - App Connections description: Update the specified Humanitec Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiToken: type: string minLength: 1 required: - apiToken additionalProperties: false description: The credentials used to connect with Humanitec. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Humanitec Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Humanitec Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Humanitec Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Humanitec Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Humanitec Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Humanitec Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Humanitec Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Humanitec Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - humanitec method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Humanitec (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteHumanitecAppConnection tags: - App Connections description: Delete the specified Humanitec Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Humanitec Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - humanitec method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Humanitec (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/humanitec/connection-name/{connectionName}: get: operationId: getHumanitecAppConnectionByName tags: - App Connections description: Get the specified Humanitec Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Humanitec Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Humanitec Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - humanitec method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Humanitec (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/humanitec/{connectionId}/rotate-credentials: post: operationId: rotateHumanitecAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Humanitec Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Humanitec Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - humanitec method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Humanitec (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/terraform-cloud: get: operationId: listTerraformCloudAppConnections tags: - App Connections description: List the Terraform Cloud Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Terraform Cloud Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - terraform-cloud method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Terraform Cloud (API Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createTerraformCloudAppConnection tags: - App Connections description: Create a Terraform Cloud Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-token description: The method used to authenticate with Terraform Cloud. credentials: type: object properties: apiToken: type: string minLength: 1 description: The API token to use to connect with Terraform Cloud. required: - apiToken additionalProperties: false description: The credentials used to connect with Terraform Cloud. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Terraform Cloud Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Terraform Cloud Connection. projectId: type: string description: The ID of the project to create the Terraform Cloud Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Terraform Cloud Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Terraform Cloud Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Terraform Cloud Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Terraform Cloud Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Terraform Cloud Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - terraform-cloud method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Terraform Cloud (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/terraform-cloud/available: get: operationId: listTerraformCloudAvailableAppConnections tags: - App Connections description: List the Terraform Cloud Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Terraform Cloud Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - terraform-cloud name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/terraform-cloud/{connectionId}: get: operationId: getTerraformCloudAppConnection tags: - App Connections description: Get the specified Terraform Cloud Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Terraform Cloud Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - terraform-cloud method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Terraform Cloud (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateTerraformCloudAppConnection tags: - App Connections description: Update the specified Terraform Cloud Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiToken: type: string minLength: 1 description: The API token to use to connect with Terraform Cloud. required: - apiToken additionalProperties: false description: The credentials used to connect with Terraform Cloud. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Terraform Cloud Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Terraform Cloud Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Terraform Cloud Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Terraform Cloud Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Terraform Cloud Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Terraform Cloud Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Terraform Cloud Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Terraform Cloud Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - terraform-cloud method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Terraform Cloud (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteTerraformCloudAppConnection tags: - App Connections description: Delete the specified Terraform Cloud Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Terraform Cloud Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - terraform-cloud method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Terraform Cloud (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/terraform-cloud/connection-name/{connectionName}: get: operationId: getTerraformCloudAppConnectionByName tags: - App Connections description: Get the specified Terraform Cloud Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Terraform Cloud Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Terraform Cloud Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - terraform-cloud method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Terraform Cloud (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/terraform-cloud/{connectionId}/rotate-credentials: post: operationId: rotateTerraformCloudAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Terraform Cloud Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Terraform Cloud Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - terraform-cloud method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Terraform Cloud (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/vercel: get: operationId: listVercelAppConnections tags: - App Connections description: List the Vercel Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Vercel Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - vercel method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Vercel (API Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createVercelAppConnection tags: - App Connections description: Create a Vercel Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-token description: The method used to authenticate with Vercel. credentials: type: object properties: apiToken: type: string minLength: 1 description: The API token used to authenticate with Vercel. required: - apiToken additionalProperties: false description: The credentials used to connect with Vercel. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Vercel Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Vercel Connection. projectId: type: string description: The ID of the project to create the Vercel Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Vercel Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Vercel Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Vercel Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Vercel Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Vercel Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - vercel method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Vercel (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/vercel/available: get: operationId: listVercelAvailableAppConnections tags: - App Connections description: List the Vercel Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Vercel Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - vercel name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/vercel/{connectionId}: get: operationId: getVercelAppConnection tags: - App Connections description: Get the specified Vercel Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Vercel Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - vercel method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Vercel (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateVercelAppConnection tags: - App Connections description: Update the specified Vercel Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiToken: type: string minLength: 1 description: The API token used to authenticate with Vercel. required: - apiToken additionalProperties: false description: The credentials used to connect with Vercel. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Vercel Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Vercel Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Vercel Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Vercel Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Vercel Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Vercel Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Vercel Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Vercel Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - vercel method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Vercel (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteVercelAppConnection tags: - App Connections description: Delete the specified Vercel Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Vercel Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - vercel method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Vercel (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/vercel/connection-name/{connectionName}: get: operationId: getVercelAppConnectionByName tags: - App Connections description: Get the specified Vercel Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Vercel Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Vercel Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - vercel method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Vercel (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/vercel/{connectionId}/rotate-credentials: post: operationId: rotateVercelAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Vercel Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Vercel Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - vercel method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Vercel (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/postgres: get: operationId: listPostgresAppConnections tags: - App Connections description: List the PostgreSQL Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list PostgreSQL Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - postgres method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: PostgreSQL (Username and Password) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createPostgresAppConnection tags: - App Connections description: Create a PostgreSQL Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - username-and-password description: The method used to authenticate with PostgreSQL. credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. port: type: number description: The port number of the database. database: type: string minLength: 1 description: The name of the database to connect to. username: type: string minLength: 1 description: The username to connect to the database with. password: type: string minLength: 1 description: The password to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - port - database - username - password - sslEnabled - sslRejectUnauthorized additionalProperties: false description: The credentials used to connect with PostgreSQL. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the PostgreSQL Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the PostgreSQL Connection. projectId: type: string description: The ID of the project to create the PostgreSQL Connection in. isPlatformManagedCredentials: type: boolean default: false description: Whether or not the PostgreSQL Connection credentials should be managed by Infisical. Once enabled this cannot be reversed. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for PostgreSQL Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for PostgreSQL Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - postgres method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: PostgreSQL (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/postgres/available: get: operationId: listPostgresAvailableAppConnections tags: - App Connections description: List the PostgreSQL Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list PostgreSQL Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - postgres name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/postgres/{connectionId}: get: operationId: getPostgresAppConnection tags: - App Connections description: Get the specified PostgreSQL Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the PostgreSQL Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - postgres method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: PostgreSQL (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updatePostgresAppConnection tags: - App Connections description: Update the specified PostgreSQL Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. port: type: number description: The port number of the database. database: type: string minLength: 1 description: The name of the database to connect to. username: type: string minLength: 1 description: The username to connect to the database with. password: type: string minLength: 1 description: The password to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - port - database - username - password - sslEnabled - sslRejectUnauthorized additionalProperties: false description: The credentials used to connect with PostgreSQL. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the PostgreSQL Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the PostgreSQL Connection. isPlatformManagedCredentials: type: boolean description: Whether or not the PostgreSQL Connection credentials should be managed by Infisical. Once enabled this cannot be reversed. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for PostgreSQL Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for PostgreSQL Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the PostgreSQL Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - postgres method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: PostgreSQL (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deletePostgresAppConnection tags: - App Connections description: Delete the specified PostgreSQL Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the PostgreSQL Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - postgres method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: PostgreSQL (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/postgres/connection-name/{connectionName}: get: operationId: getPostgresAppConnectionByName tags: - App Connections description: Get the specified PostgreSQL Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the PostgreSQL Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the PostgreSQL Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - postgres method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: PostgreSQL (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/postgres/{connectionId}/rotate-credentials: post: operationId: rotatePostgresAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified PostgreSQL Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the PostgreSQL Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - postgres method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: PostgreSQL (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/mssql: get: operationId: listMsSqlAppConnections tags: - App Connections description: List the Microsoft SQL Server Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Microsoft SQL Server Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mssql method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Microsoft SQL Server (Username and Password) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createMsSqlAppConnection tags: - App Connections description: Create a Microsoft SQL Server Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - username-and-password description: The method used to authenticate with Microsoft SQL Server. credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. port: type: number description: The port number of the database. database: type: string minLength: 1 description: The name of the database to connect to. username: type: string minLength: 1 description: The username to connect to the database with. password: type: string minLength: 1 description: The password to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - port - database - username - password - sslEnabled - sslRejectUnauthorized additionalProperties: false description: The credentials used to connect with Microsoft SQL Server. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Microsoft SQL Server Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Microsoft SQL Server Connection. projectId: type: string description: The ID of the project to create the Microsoft SQL Server Connection in. isPlatformManagedCredentials: type: boolean default: false description: Whether or not the Microsoft SQL Server Connection credentials should be managed by Infisical. Once enabled this cannot be reversed. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Microsoft SQL Server Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Microsoft SQL Server Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mssql method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Microsoft SQL Server (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/mssql/available: get: operationId: listMsSqlAvailableAppConnections tags: - App Connections description: List the Microsoft SQL Server Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Microsoft SQL Server Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - mssql name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/mssql/{connectionId}: get: operationId: getMsSqlAppConnection tags: - App Connections description: Get the specified Microsoft SQL Server Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Microsoft SQL Server Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mssql method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Microsoft SQL Server (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateMsSqlAppConnection tags: - App Connections description: Update the specified Microsoft SQL Server Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. port: type: number description: The port number of the database. database: type: string minLength: 1 description: The name of the database to connect to. username: type: string minLength: 1 description: The username to connect to the database with. password: type: string minLength: 1 description: The password to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - port - database - username - password - sslEnabled - sslRejectUnauthorized additionalProperties: false description: The credentials used to connect with Microsoft SQL Server. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Microsoft SQL Server Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Microsoft SQL Server Connection. isPlatformManagedCredentials: type: boolean description: Whether or not the Microsoft SQL Server Connection credentials should be managed by Infisical. Once enabled this cannot be reversed. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Microsoft SQL Server Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Microsoft SQL Server Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Microsoft SQL Server Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mssql method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Microsoft SQL Server (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteMsSqlAppConnection tags: - App Connections description: Delete the specified Microsoft SQL Server Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Microsoft SQL Server Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mssql method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Microsoft SQL Server (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/mssql/connection-name/{connectionName}: get: operationId: getMsSqlAppConnectionByName tags: - App Connections description: Get the specified Microsoft SQL Server Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Microsoft SQL Server Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Microsoft SQL Server Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mssql method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Microsoft SQL Server (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/mssql/{connectionId}/rotate-credentials: post: operationId: rotateMsSqlAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Microsoft SQL Server Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Microsoft SQL Server Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mssql method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Microsoft SQL Server (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/mysql: get: operationId: listMySqlAppConnections tags: - App Connections description: List the MySQL Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list MySQL Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mysql method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: MySQL (Username and Password) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createMySqlAppConnection tags: - App Connections description: Create a MySQL Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - username-and-password description: The method used to authenticate with MySQL. credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. port: type: number description: The port number of the database. database: type: string minLength: 1 description: The name of the database to connect to. username: type: string minLength: 1 description: The username to connect to the database with. password: type: string minLength: 1 description: The password to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - port - database - username - password - sslEnabled - sslRejectUnauthorized additionalProperties: false description: The credentials used to connect with MySQL. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the MySQL Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the MySQL Connection. projectId: type: string description: The ID of the project to create the MySQL Connection in. isPlatformManagedCredentials: type: boolean default: false description: Whether or not the MySQL Connection credentials should be managed by Infisical. Once enabled this cannot be reversed. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for MySQL Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for MySQL Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mysql method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: MySQL (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/mysql/available: get: operationId: listMySqlAvailableAppConnections tags: - App Connections description: List the MySQL Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list MySQL Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - mysql name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/mysql/{connectionId}: get: operationId: getMySqlAppConnection tags: - App Connections description: Get the specified MySQL Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the MySQL Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mysql method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: MySQL (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateMySqlAppConnection tags: - App Connections description: Update the specified MySQL Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. port: type: number description: The port number of the database. database: type: string minLength: 1 description: The name of the database to connect to. username: type: string minLength: 1 description: The username to connect to the database with. password: type: string minLength: 1 description: The password to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - port - database - username - password - sslEnabled - sslRejectUnauthorized additionalProperties: false description: The credentials used to connect with MySQL. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the MySQL Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the MySQL Connection. isPlatformManagedCredentials: type: boolean description: Whether or not the MySQL Connection credentials should be managed by Infisical. Once enabled this cannot be reversed. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for MySQL Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for MySQL Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the MySQL Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mysql method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: MySQL (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteMySqlAppConnection tags: - App Connections description: Delete the specified MySQL Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the MySQL Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mysql method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: MySQL (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/mysql/connection-name/{connectionName}: get: operationId: getMySqlAppConnectionByName tags: - App Connections description: Get the specified MySQL Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the MySQL Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the MySQL Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mysql method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: MySQL (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/mysql/{connectionId}/rotate-credentials: post: operationId: rotateMySqlAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified MySQL Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the MySQL Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mysql method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: MySQL (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/camunda: get: operationId: listCamundaAppConnections tags: - App Connections description: List the Camunda Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Camunda Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - camunda method: type: string enum: - client-credentials credentials: type: object properties: clientId: type: string minLength: 1 description: The client ID used to authenticate with Camunda. required: - clientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Camunda (Client Credentials) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createCamundaAppConnection tags: - App Connections description: Create a Camunda Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - client-credentials description: The method used to authenticate with Camunda. credentials: type: object properties: clientId: type: string minLength: 1 description: The client ID used to authenticate with Camunda. clientSecret: type: string minLength: 1 description: The client secret used to authenticate with Camunda. required: - clientId - clientSecret additionalProperties: false description: The credentials used to connect with Camunda. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Camunda Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Camunda Connection. projectId: type: string description: The ID of the project to create the Camunda Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Camunda Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Camunda Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Camunda Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Camunda Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Camunda Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - camunda method: type: string enum: - client-credentials credentials: type: object properties: clientId: type: string minLength: 1 description: The client ID used to authenticate with Camunda. required: - clientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Camunda (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/camunda/available: get: operationId: listCamundaAvailableAppConnections tags: - App Connections description: List the Camunda Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Camunda Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - camunda name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/camunda/{connectionId}: get: operationId: getCamundaAppConnection tags: - App Connections description: Get the specified Camunda Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Camunda Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - camunda method: type: string enum: - client-credentials credentials: type: object properties: clientId: type: string minLength: 1 description: The client ID used to authenticate with Camunda. required: - clientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Camunda (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateCamundaAppConnection tags: - App Connections description: Update the specified Camunda Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: clientId: type: string minLength: 1 description: The client ID used to authenticate with Camunda. clientSecret: type: string minLength: 1 description: The client secret used to authenticate with Camunda. required: - clientId - clientSecret additionalProperties: false description: The credentials used to connect with Camunda. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Camunda Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Camunda Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Camunda Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Camunda Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Camunda Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Camunda Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Camunda Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Camunda Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - camunda method: type: string enum: - client-credentials credentials: type: object properties: clientId: type: string minLength: 1 description: The client ID used to authenticate with Camunda. required: - clientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Camunda (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteCamundaAppConnection tags: - App Connections description: Delete the specified Camunda Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Camunda Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - camunda method: type: string enum: - client-credentials credentials: type: object properties: clientId: type: string minLength: 1 description: The client ID used to authenticate with Camunda. required: - clientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Camunda (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/camunda/connection-name/{connectionName}: get: operationId: getCamundaAppConnectionByName tags: - App Connections description: Get the specified Camunda Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Camunda Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Camunda Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - camunda method: type: string enum: - client-credentials credentials: type: object properties: clientId: type: string minLength: 1 description: The client ID used to authenticate with Camunda. required: - clientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Camunda (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/camunda/{connectionId}/rotate-credentials: post: operationId: rotateCamundaAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Camunda Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Camunda Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - camunda method: type: string enum: - client-credentials credentials: type: object properties: clientId: type: string minLength: 1 description: The client ID used to authenticate with Camunda. required: - clientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Camunda (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/windmill: get: operationId: listWindmillAppConnections tags: - App Connections description: List the Windmill Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Windmill Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - windmill method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Windmill instance URL to connect with (defaults to https://app.windmill.dev). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Windmill (Access Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createWindmillAppConnection tags: - App Connections description: Create a Windmill Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - access-token description: The method used to authenticate with Windmill. credentials: type: object properties: accessToken: type: string minLength: 1 description: The access token to use to connect with Windmill. instanceUrl: type: string format: uri description: The Windmill instance URL to connect with (defaults to https://app.windmill.dev). required: - accessToken additionalProperties: false description: The credentials used to connect with Windmill. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Windmill Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Windmill Connection. projectId: type: string description: The ID of the project to create the Windmill Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Windmill Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Windmill Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Windmill Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Windmill Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Windmill Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - windmill method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Windmill instance URL to connect with (defaults to https://app.windmill.dev). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Windmill (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/windmill/available: get: operationId: listWindmillAvailableAppConnections tags: - App Connections description: List the Windmill Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Windmill Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - windmill name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/windmill/{connectionId}: get: operationId: getWindmillAppConnection tags: - App Connections description: Get the specified Windmill Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Windmill Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - windmill method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Windmill instance URL to connect with (defaults to https://app.windmill.dev). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Windmill (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateWindmillAppConnection tags: - App Connections description: Update the specified Windmill Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: accessToken: type: string minLength: 1 description: The access token to use to connect with Windmill. instanceUrl: type: string format: uri description: The Windmill instance URL to connect with (defaults to https://app.windmill.dev). required: - accessToken additionalProperties: false description: The credentials used to connect with Windmill. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Windmill Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Windmill Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Windmill Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Windmill Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Windmill Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Windmill Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Windmill Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Windmill Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - windmill method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Windmill instance URL to connect with (defaults to https://app.windmill.dev). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Windmill (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteWindmillAppConnection tags: - App Connections description: Delete the specified Windmill Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Windmill Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - windmill method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Windmill instance URL to connect with (defaults to https://app.windmill.dev). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Windmill (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/windmill/connection-name/{connectionName}: get: operationId: getWindmillAppConnectionByName tags: - App Connections description: Get the specified Windmill Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Windmill Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Windmill Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - windmill method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Windmill instance URL to connect with (defaults to https://app.windmill.dev). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Windmill (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/windmill/{connectionId}/rotate-credentials: post: operationId: rotateWindmillAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Windmill Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Windmill Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - windmill method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Windmill instance URL to connect with (defaults to https://app.windmill.dev). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Windmill (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/auth0: get: operationId: listAuth0AppConnections tags: - App Connections description: List the Auth0 Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Auth0 Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - auth0 method: type: string enum: - client-credentials credentials: type: object properties: domain: type: string minLength: 1 description: The domain of the Auth0 instance to connect to. clientId: type: string minLength: 1 description: Your Auth0 application's Client ID. audience: type: string format: uri minLength: 1 description: The unique identifier of the target API you want to access. required: - domain - clientId - audience additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Auth0 (Client Credentials) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAuth0AppConnection tags: - App Connections description: Create an Auth0 Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - client-credentials description: The method used to authenticate with Auth0. credentials: type: object properties: domain: type: string minLength: 1 description: The domain of the Auth0 instance to connect to. clientId: type: string minLength: 1 description: Your Auth0 application's Client ID. clientSecret: type: string minLength: 1 description: Your Auth0 application's Client Secret. audience: type: string format: uri minLength: 1 description: The unique identifier of the target API you want to access. required: - domain - clientId - clientSecret - audience additionalProperties: false description: The credentials used to connect with Auth0. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Auth0 Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Auth0 Connection. projectId: type: string description: The ID of the project to create the Auth0 Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Auth0 Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Auth0 Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Auth0 Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Auth0 Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Auth0 Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - auth0 method: type: string enum: - client-credentials credentials: type: object properties: domain: type: string minLength: 1 description: The domain of the Auth0 instance to connect to. clientId: type: string minLength: 1 description: Your Auth0 application's Client ID. audience: type: string format: uri minLength: 1 description: The unique identifier of the target API you want to access. required: - domain - clientId - audience additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Auth0 (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/auth0/available: get: operationId: listAuth0AvailableAppConnections tags: - App Connections description: List the Auth0 Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Auth0 Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - auth0 name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/auth0/{connectionId}: get: operationId: getAuth0AppConnection tags: - App Connections description: Get the specified Auth0 Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Auth0 Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - auth0 method: type: string enum: - client-credentials credentials: type: object properties: domain: type: string minLength: 1 description: The domain of the Auth0 instance to connect to. clientId: type: string minLength: 1 description: Your Auth0 application's Client ID. audience: type: string format: uri minLength: 1 description: The unique identifier of the target API you want to access. required: - domain - clientId - audience additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Auth0 (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAuth0AppConnection tags: - App Connections description: Update the specified Auth0 Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: domain: type: string minLength: 1 description: The domain of the Auth0 instance to connect to. clientId: type: string minLength: 1 description: Your Auth0 application's Client ID. clientSecret: type: string minLength: 1 description: Your Auth0 application's Client Secret. audience: type: string format: uri minLength: 1 description: The unique identifier of the target API you want to access. required: - domain - clientId - clientSecret - audience additionalProperties: false description: The credentials used to connect with Auth0. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Auth0 Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Auth0 Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Auth0 Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Auth0 Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Auth0 Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Auth0 Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Auth0 Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Auth0 Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - auth0 method: type: string enum: - client-credentials credentials: type: object properties: domain: type: string minLength: 1 description: The domain of the Auth0 instance to connect to. clientId: type: string minLength: 1 description: Your Auth0 application's Client ID. audience: type: string format: uri minLength: 1 description: The unique identifier of the target API you want to access. required: - domain - clientId - audience additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Auth0 (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAuth0AppConnection tags: - App Connections description: Delete the specified Auth0 Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Auth0 Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - auth0 method: type: string enum: - client-credentials credentials: type: object properties: domain: type: string minLength: 1 description: The domain of the Auth0 instance to connect to. clientId: type: string minLength: 1 description: Your Auth0 application's Client ID. audience: type: string format: uri minLength: 1 description: The unique identifier of the target API you want to access. required: - domain - clientId - audience additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Auth0 (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/auth0/connection-name/{connectionName}: get: operationId: getAuth0AppConnectionByName tags: - App Connections description: Get the specified Auth0 Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Auth0 Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Auth0 Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - auth0 method: type: string enum: - client-credentials credentials: type: object properties: domain: type: string minLength: 1 description: The domain of the Auth0 instance to connect to. clientId: type: string minLength: 1 description: Your Auth0 application's Client ID. audience: type: string format: uri minLength: 1 description: The unique identifier of the target API you want to access. required: - domain - clientId - audience additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Auth0 (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/auth0/{connectionId}/rotate-credentials: post: operationId: rotateAuth0AppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Auth0 Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Auth0 Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - auth0 method: type: string enum: - client-credentials credentials: type: object properties: domain: type: string minLength: 1 description: The domain of the Auth0 instance to connect to. clientId: type: string minLength: 1 description: Your Auth0 application's Client ID. audience: type: string format: uri minLength: 1 description: The unique identifier of the target API you want to access. required: - domain - clientId - audience additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Auth0 (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/hashicorp-vault: get: operationId: listHashicorpVaultAppConnections tags: - App Connections description: List the Hashicorp Vault Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Hashicorp Vault Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - hashicorp-vault method: type: string enum: - access-token credentials: type: object properties: namespace: type: string description: The Hashicrop Vault namespace to connect with. instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Hashicorp Vault (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - hashicorp-vault method: type: string enum: - app-role credentials: type: object properties: namespace: type: string description: The Hashicrop Vault namespace to connect with. instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. roleId: type: string minLength: 1 description: The Role ID used to connect with Hashicorp Vault. required: - instanceUrl - roleId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Hashicorp Vault (App Role) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createHashicorpVaultAppConnection tags: - App Connections description: Create a Hashicorp Vault Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - access-token description: The method used to authenticate with Hashicorp Vault. credentials: type: object properties: instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. namespace: type: string description: The Hashicrop Vault namespace to connect with. accessToken: type: string minLength: 1 description: The access token used to connect with Hashicorp Vault. required: - instanceUrl - accessToken additionalProperties: false description: The credentials used to connect with Hashicorp Vault. required: - method - credentials additionalProperties: false - type: object properties: method: type: string enum: - app-role description: The method used to authenticate with Hashicorp Vault. credentials: type: object properties: instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. namespace: type: string description: The Hashicrop Vault namespace to connect with. roleId: type: string minLength: 1 description: The Role ID used to connect with Hashicorp Vault. secretId: type: string minLength: 1 description: The Secret ID used to connect with Hashicorp Vault. required: - instanceUrl - roleId - secretId additionalProperties: false description: The credentials used to connect with Hashicorp Vault. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Hashicorp Vault Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Hashicorp Vault Connection. projectId: type: string description: The ID of the project to create the Hashicorp Vault Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Hashicorp Vault Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Hashicorp Vault Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Hashicorp Vault Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - hashicorp-vault method: type: string enum: - access-token credentials: type: object properties: namespace: type: string description: The Hashicrop Vault namespace to connect with. instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Hashicorp Vault (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - hashicorp-vault method: type: string enum: - app-role credentials: type: object properties: namespace: type: string description: The Hashicrop Vault namespace to connect with. instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. roleId: type: string minLength: 1 description: The Role ID used to connect with Hashicorp Vault. required: - instanceUrl - roleId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Hashicorp Vault (App Role) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/hashicorp-vault/available: get: operationId: listHashicorpVaultAvailableAppConnections tags: - App Connections description: List the Hashicorp Vault Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Hashicorp Vault Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - hashicorp-vault name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/hashicorp-vault/{connectionId}: get: operationId: getHashicorpVaultAppConnection tags: - App Connections description: Get the specified Hashicorp Vault Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Hashicorp Vault Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - hashicorp-vault method: type: string enum: - access-token credentials: type: object properties: namespace: type: string description: The Hashicrop Vault namespace to connect with. instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Hashicorp Vault (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - hashicorp-vault method: type: string enum: - app-role credentials: type: object properties: namespace: type: string description: The Hashicrop Vault namespace to connect with. instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. roleId: type: string minLength: 1 description: The Role ID used to connect with Hashicorp Vault. required: - instanceUrl - roleId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Hashicorp Vault (App Role) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateHashicorpVaultAppConnection tags: - App Connections description: Update the specified Hashicorp Vault Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: anyOf: - type: object properties: instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. namespace: type: string description: The Hashicrop Vault namespace to connect with. accessToken: type: string minLength: 1 description: The access token used to connect with Hashicorp Vault. required: - instanceUrl - accessToken additionalProperties: false - type: object properties: instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. namespace: type: string description: The Hashicrop Vault namespace to connect with. roleId: type: string minLength: 1 description: The Role ID used to connect with Hashicorp Vault. secretId: type: string minLength: 1 description: The Secret ID used to connect with Hashicorp Vault. required: - instanceUrl - roleId - secretId additionalProperties: false description: The credentials used to connect with Hashicorp Vault. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Hashicorp Vault Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Hashicorp Vault Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Hashicorp Vault Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Hashicorp Vault Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Hashicorp Vault Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Hashicorp Vault Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - hashicorp-vault method: type: string enum: - access-token credentials: type: object properties: namespace: type: string description: The Hashicrop Vault namespace to connect with. instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Hashicorp Vault (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - hashicorp-vault method: type: string enum: - app-role credentials: type: object properties: namespace: type: string description: The Hashicrop Vault namespace to connect with. instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. roleId: type: string minLength: 1 description: The Role ID used to connect with Hashicorp Vault. required: - instanceUrl - roleId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Hashicorp Vault (App Role) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteHashicorpVaultAppConnection tags: - App Connections description: Delete the specified Hashicorp Vault Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Hashicorp Vault Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - hashicorp-vault method: type: string enum: - access-token credentials: type: object properties: namespace: type: string description: The Hashicrop Vault namespace to connect with. instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Hashicorp Vault (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - hashicorp-vault method: type: string enum: - app-role credentials: type: object properties: namespace: type: string description: The Hashicrop Vault namespace to connect with. instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. roleId: type: string minLength: 1 description: The Role ID used to connect with Hashicorp Vault. required: - instanceUrl - roleId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Hashicorp Vault (App Role) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/hashicorp-vault/connection-name/{connectionName}: get: operationId: getHashicorpVaultAppConnectionByName tags: - App Connections description: Get the specified Hashicorp Vault Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Hashicorp Vault Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Hashicorp Vault Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - hashicorp-vault method: type: string enum: - access-token credentials: type: object properties: namespace: type: string description: The Hashicrop Vault namespace to connect with. instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Hashicorp Vault (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - hashicorp-vault method: type: string enum: - app-role credentials: type: object properties: namespace: type: string description: The Hashicrop Vault namespace to connect with. instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. roleId: type: string minLength: 1 description: The Role ID used to connect with Hashicorp Vault. required: - instanceUrl - roleId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Hashicorp Vault (App Role) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/hashicorp-vault/{connectionId}/rotate-credentials: post: operationId: rotateHashicorpVaultAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Hashicorp Vault Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Hashicorp Vault Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - hashicorp-vault method: type: string enum: - access-token credentials: type: object properties: namespace: type: string description: The Hashicrop Vault namespace to connect with. instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Hashicorp Vault (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - hashicorp-vault method: type: string enum: - app-role credentials: type: object properties: namespace: type: string description: The Hashicrop Vault namespace to connect with. instanceUrl: type: string minLength: 1 format: uri description: The Hashicrop Vault instance URL to connect with. roleId: type: string minLength: 1 description: The Role ID used to connect with Hashicorp Vault. required: - instanceUrl - roleId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Hashicorp Vault (App Role) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ldap: get: operationId: listLdapAppConnections tags: - App Connections description: List the LDAP Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list LDAP Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ldap method: type: string enum: - simple-bind credentials: type: object properties: provider: type: string enum: - active-directory description: The type of LDAP provider. Determines provider-specific behaviors. url: type: string minLength: 1 description: The LDAP/LDAPS URL to connect to (e.g., 'ldap://domain-or-ip:389' or 'ldaps://domain-or-ip:636'). dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to bind with (e.g., 'CN=John,CN=Users,DC=example,DC=com'). sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false) when using ldaps://. Set to false only in test environments. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection when using ldaps:// with a self-signed certificate. required: - provider - url - dn additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: LDAP (Simple Bind) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createLdapAppConnection tags: - App Connections description: Create a LDAP Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - simple-bind description: The method used to authenticate with LDAP. credentials: type: object properties: provider: type: string enum: - active-directory description: The type of LDAP provider. Determines provider-specific behaviors. url: type: string minLength: 1 description: The LDAP/LDAPS URL to connect to (e.g., 'ldap://domain-or-ip:389' or 'ldaps://domain-or-ip:636'). dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to bind with (e.g., 'CN=John,CN=Users,DC=example,DC=com'). password: type: string minLength: 1 description: The password to bind with for authentication. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false) when using ldaps://. Set to false only in test environments. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection when using ldaps:// with a self-signed certificate. required: - provider - url - dn - password additionalProperties: false description: The credentials used to connect with LDAP. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the LDAP Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the LDAP Connection. projectId: type: string description: The ID of the project to create the LDAP Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for LDAP Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for LDAP Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for LDAP Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ldap method: type: string enum: - simple-bind credentials: type: object properties: provider: type: string enum: - active-directory description: The type of LDAP provider. Determines provider-specific behaviors. url: type: string minLength: 1 description: The LDAP/LDAPS URL to connect to (e.g., 'ldap://domain-or-ip:389' or 'ldaps://domain-or-ip:636'). dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to bind with (e.g., 'CN=John,CN=Users,DC=example,DC=com'). sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false) when using ldaps://. Set to false only in test environments. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection when using ldaps:// with a self-signed certificate. required: - provider - url - dn additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: LDAP (Simple Bind) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ldap/available: get: operationId: listLdapAvailableAppConnections tags: - App Connections description: List the LDAP Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list LDAP Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - ldap name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ldap/{connectionId}: get: operationId: getLdapAppConnection tags: - App Connections description: Get the specified LDAP Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the LDAP Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ldap method: type: string enum: - simple-bind credentials: type: object properties: provider: type: string enum: - active-directory description: The type of LDAP provider. Determines provider-specific behaviors. url: type: string minLength: 1 description: The LDAP/LDAPS URL to connect to (e.g., 'ldap://domain-or-ip:389' or 'ldaps://domain-or-ip:636'). dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to bind with (e.g., 'CN=John,CN=Users,DC=example,DC=com'). sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false) when using ldaps://. Set to false only in test environments. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection when using ldaps:// with a self-signed certificate. required: - provider - url - dn additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: LDAP (Simple Bind) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateLdapAppConnection tags: - App Connections description: Update the specified LDAP Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: provider: type: string enum: - active-directory description: The type of LDAP provider. Determines provider-specific behaviors. url: type: string minLength: 1 description: The LDAP/LDAPS URL to connect to (e.g., 'ldap://domain-or-ip:389' or 'ldaps://domain-or-ip:636'). dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to bind with (e.g., 'CN=John,CN=Users,DC=example,DC=com'). password: type: string minLength: 1 description: The password to bind with for authentication. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false) when using ldaps://. Set to false only in test environments. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection when using ldaps:// with a self-signed certificate. required: - provider - url - dn - password additionalProperties: false description: The credentials used to connect with LDAP. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the LDAP Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the LDAP Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for LDAP Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for LDAP Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for LDAP Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the LDAP Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ldap method: type: string enum: - simple-bind credentials: type: object properties: provider: type: string enum: - active-directory description: The type of LDAP provider. Determines provider-specific behaviors. url: type: string minLength: 1 description: The LDAP/LDAPS URL to connect to (e.g., 'ldap://domain-or-ip:389' or 'ldaps://domain-or-ip:636'). dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to bind with (e.g., 'CN=John,CN=Users,DC=example,DC=com'). sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false) when using ldaps://. Set to false only in test environments. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection when using ldaps:// with a self-signed certificate. required: - provider - url - dn additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: LDAP (Simple Bind) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteLdapAppConnection tags: - App Connections description: Delete the specified LDAP Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the LDAP Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ldap method: type: string enum: - simple-bind credentials: type: object properties: provider: type: string enum: - active-directory description: The type of LDAP provider. Determines provider-specific behaviors. url: type: string minLength: 1 description: The LDAP/LDAPS URL to connect to (e.g., 'ldap://domain-or-ip:389' or 'ldaps://domain-or-ip:636'). dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to bind with (e.g., 'CN=John,CN=Users,DC=example,DC=com'). sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false) when using ldaps://. Set to false only in test environments. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection when using ldaps:// with a self-signed certificate. required: - provider - url - dn additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: LDAP (Simple Bind) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ldap/connection-name/{connectionName}: get: operationId: getLdapAppConnectionByName tags: - App Connections description: Get the specified LDAP Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the LDAP Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the LDAP Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ldap method: type: string enum: - simple-bind credentials: type: object properties: provider: type: string enum: - active-directory description: The type of LDAP provider. Determines provider-specific behaviors. url: type: string minLength: 1 description: The LDAP/LDAPS URL to connect to (e.g., 'ldap://domain-or-ip:389' or 'ldaps://domain-or-ip:636'). dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to bind with (e.g., 'CN=John,CN=Users,DC=example,DC=com'). sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false) when using ldaps://. Set to false only in test environments. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection when using ldaps:// with a self-signed certificate. required: - provider - url - dn additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: LDAP (Simple Bind) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ldap/{connectionId}/rotate-credentials: post: operationId: rotateLdapAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified LDAP Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the LDAP Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ldap method: type: string enum: - simple-bind credentials: type: object properties: provider: type: string enum: - active-directory description: The type of LDAP provider. Determines provider-specific behaviors. url: type: string minLength: 1 description: The LDAP/LDAPS URL to connect to (e.g., 'ldap://domain-or-ip:389' or 'ldaps://domain-or-ip:636'). dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to bind with (e.g., 'CN=John,CN=Users,DC=example,DC=com'). sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates (true/false) when using ldaps://. Set to false only in test environments. sslCertificate: type: string description: The SSL certificate (PEM format) to use for secure connection when using ldaps:// with a self-signed certificate. required: - provider - url - dn additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: LDAP (Simple Bind) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/teamcity: get: operationId: listTeamcityAppConnections tags: - App Connections description: List the TeamCity Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list TeamCity Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - teamcity method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 description: The TeamCity instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: TeamCity (Access Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createTeamcityAppConnection tags: - App Connections description: Create a TeamCity Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - access-token description: The method used to authenticate with TeamCity. credentials: type: object properties: accessToken: type: string minLength: 1 description: The access token to use to connect with TeamCity. instanceUrl: type: string format: uri minLength: 1 description: The TeamCity instance URL to connect with. required: - accessToken - instanceUrl additionalProperties: false description: The credentials used to connect with TeamCity. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the TeamCity Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the TeamCity Connection. projectId: type: string description: The ID of the project to create the TeamCity Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for TeamCity Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for TeamCity Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for TeamCity Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for TeamCity Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for TeamCity Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - teamcity method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 description: The TeamCity instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: TeamCity (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/teamcity/available: get: operationId: listTeamcityAvailableAppConnections tags: - App Connections description: List the TeamCity Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list TeamCity Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - teamcity name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/teamcity/{connectionId}: get: operationId: getTeamcityAppConnection tags: - App Connections description: Get the specified TeamCity Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the TeamCity Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - teamcity method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 description: The TeamCity instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: TeamCity (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateTeamcityAppConnection tags: - App Connections description: Update the specified TeamCity Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: accessToken: type: string minLength: 1 description: The access token to use to connect with TeamCity. instanceUrl: type: string format: uri minLength: 1 description: The TeamCity instance URL to connect with. required: - accessToken - instanceUrl additionalProperties: false description: The credentials used to connect with TeamCity. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the TeamCity Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the TeamCity Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for TeamCity Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for TeamCity Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for TeamCity Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for TeamCity Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for TeamCity Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the TeamCity Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - teamcity method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 description: The TeamCity instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: TeamCity (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteTeamcityAppConnection tags: - App Connections description: Delete the specified TeamCity Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the TeamCity Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - teamcity method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 description: The TeamCity instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: TeamCity (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/teamcity/connection-name/{connectionName}: get: operationId: getTeamcityAppConnectionByName tags: - App Connections description: Get the specified TeamCity Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the TeamCity Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the TeamCity Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - teamcity method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 description: The TeamCity instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: TeamCity (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/teamcity/{connectionId}/rotate-credentials: post: operationId: rotateTeamcityAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified TeamCity Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the TeamCity Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - teamcity method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 description: The TeamCity instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: TeamCity (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/oci: get: operationId: listOciAppConnections tags: - App Connections description: List the OCI Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list OCI Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - oci method: type: string enum: - access-key credentials: type: object properties: userOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the user making the request. tenancyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the tenancy in Oracle Cloud Infrastructure. region: type: string minLength: 1 description: The region identifier in Oracle Cloud Infrastructure where the vault is located. fingerprint: type: string minLength: 1 description: The fingerprint of the public key uploaded to the user's API keys. required: - userOcid - tenancyOcid - region - fingerprint additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OCI (Access Key) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createOciAppConnection tags: - App Connections description: Create an OCI Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - access-key description: The method used to authenticate with OCI. credentials: type: object properties: userOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the user making the request. tenancyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the tenancy in Oracle Cloud Infrastructure. region: type: string minLength: 1 description: The region identifier in Oracle Cloud Infrastructure where the vault is located. fingerprint: type: string minLength: 1 description: The fingerprint of the public key uploaded to the user's API keys. privateKey: type: string minLength: 1 description: The private key content in PEM format used to sign API requests. required: - userOcid - tenancyOcid - region - fingerprint - privateKey additionalProperties: false description: The credentials used to connect with OCI. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the OCI Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the OCI Connection. projectId: type: string description: The ID of the project to create the OCI Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for OCI Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OCI Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OCI Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for OCI Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OCI Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - oci method: type: string enum: - access-key credentials: type: object properties: userOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the user making the request. tenancyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the tenancy in Oracle Cloud Infrastructure. region: type: string minLength: 1 description: The region identifier in Oracle Cloud Infrastructure where the vault is located. fingerprint: type: string minLength: 1 description: The fingerprint of the public key uploaded to the user's API keys. required: - userOcid - tenancyOcid - region - fingerprint additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OCI (Access Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/oci/available: get: operationId: listOciAvailableAppConnections tags: - App Connections description: List the OCI Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list OCI Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - oci name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/oci/{connectionId}: get: operationId: getOciAppConnection tags: - App Connections description: Get the specified OCI Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the OCI Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - oci method: type: string enum: - access-key credentials: type: object properties: userOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the user making the request. tenancyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the tenancy in Oracle Cloud Infrastructure. region: type: string minLength: 1 description: The region identifier in Oracle Cloud Infrastructure where the vault is located. fingerprint: type: string minLength: 1 description: The fingerprint of the public key uploaded to the user's API keys. required: - userOcid - tenancyOcid - region - fingerprint additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OCI (Access Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOciAppConnection tags: - App Connections description: Update the specified OCI Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: userOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the user making the request. tenancyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the tenancy in Oracle Cloud Infrastructure. region: type: string minLength: 1 description: The region identifier in Oracle Cloud Infrastructure where the vault is located. fingerprint: type: string minLength: 1 description: The fingerprint of the public key uploaded to the user's API keys. privateKey: type: string minLength: 1 description: The private key content in PEM format used to sign API requests. required: - userOcid - tenancyOcid - region - fingerprint - privateKey additionalProperties: false description: The credentials used to connect with OCI. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the OCI Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the OCI Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for OCI Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OCI Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OCI Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for OCI Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OCI Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the OCI Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - oci method: type: string enum: - access-key credentials: type: object properties: userOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the user making the request. tenancyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the tenancy in Oracle Cloud Infrastructure. region: type: string minLength: 1 description: The region identifier in Oracle Cloud Infrastructure where the vault is located. fingerprint: type: string minLength: 1 description: The fingerprint of the public key uploaded to the user's API keys. required: - userOcid - tenancyOcid - region - fingerprint additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OCI (Access Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOciAppConnection tags: - App Connections description: Delete the specified OCI Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the OCI Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - oci method: type: string enum: - access-key credentials: type: object properties: userOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the user making the request. tenancyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the tenancy in Oracle Cloud Infrastructure. region: type: string minLength: 1 description: The region identifier in Oracle Cloud Infrastructure where the vault is located. fingerprint: type: string minLength: 1 description: The fingerprint of the public key uploaded to the user's API keys. required: - userOcid - tenancyOcid - region - fingerprint additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OCI (Access Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/oci/connection-name/{connectionName}: get: operationId: getOciAppConnectionByName tags: - App Connections description: Get the specified OCI Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the OCI Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the OCI Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - oci method: type: string enum: - access-key credentials: type: object properties: userOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the user making the request. tenancyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the tenancy in Oracle Cloud Infrastructure. region: type: string minLength: 1 description: The region identifier in Oracle Cloud Infrastructure where the vault is located. fingerprint: type: string minLength: 1 description: The fingerprint of the public key uploaded to the user's API keys. required: - userOcid - tenancyOcid - region - fingerprint additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OCI (Access Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/oci/{connectionId}/rotate-credentials: post: operationId: rotateOciAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified OCI Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the OCI Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - oci method: type: string enum: - access-key credentials: type: object properties: userOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the user making the request. tenancyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the tenancy in Oracle Cloud Infrastructure. region: type: string minLength: 1 description: The region identifier in Oracle Cloud Infrastructure where the vault is located. fingerprint: type: string minLength: 1 description: The fingerprint of the public key uploaded to the user's API keys. required: - userOcid - tenancyOcid - region - fingerprint additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OCI (Access Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/oracledb: get: operationId: listOracleDbAppConnections tags: - App Connections description: List the OracleDB Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list OracleDB Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - oracledb method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OracleDB (Username and Password) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createOracleDbAppConnection tags: - App Connections description: Create an OracleDB Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - username-and-password description: The method used to authenticate with OracleDB. credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. port: type: number description: The port number of the database. database: type: string minLength: 1 description: The name of the database to connect to. username: type: string minLength: 1 description: The username to connect to the database with. password: type: string minLength: 1 description: The password to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - port - database - username - password - sslEnabled - sslRejectUnauthorized additionalProperties: false description: The credentials used to connect with OracleDB. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the OracleDB Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the OracleDB Connection. projectId: type: string description: The ID of the project to create the OracleDB Connection in. isPlatformManagedCredentials: type: boolean default: false description: Whether or not the OracleDB Connection credentials should be managed by Infisical. Once enabled this cannot be reversed. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for OracleDB Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OracleDB Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - oracledb method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OracleDB (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/oracledb/available: get: operationId: listOracleDbAvailableAppConnections tags: - App Connections description: List the OracleDB Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list OracleDB Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - oracledb name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/oracledb/{connectionId}: get: operationId: getOracleDbAppConnection tags: - App Connections description: Get the specified OracleDB Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the OracleDB Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - oracledb method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OracleDB (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOracleDbAppConnection tags: - App Connections description: Update the specified OracleDB Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. port: type: number description: The port number of the database. database: type: string minLength: 1 description: The name of the database to connect to. username: type: string minLength: 1 description: The username to connect to the database with. password: type: string minLength: 1 description: The password to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - port - database - username - password - sslEnabled - sslRejectUnauthorized additionalProperties: false description: The credentials used to connect with OracleDB. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the OracleDB Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the OracleDB Connection. isPlatformManagedCredentials: type: boolean description: Whether or not the OracleDB Connection credentials should be managed by Infisical. Once enabled this cannot be reversed. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for OracleDB Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OracleDB Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the OracleDB Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - oracledb method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OracleDB (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOracleDbAppConnection tags: - App Connections description: Delete the specified OracleDB Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the OracleDB Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - oracledb method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OracleDB (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/oracledb/connection-name/{connectionName}: get: operationId: getOracleDbAppConnectionByName tags: - App Connections description: Get the specified OracleDB Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the OracleDB Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the OracleDB Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - oracledb method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OracleDB (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/oracledb/{connectionId}/rotate-credentials: post: operationId: rotateOracleDbAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified OracleDB Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the OracleDB Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - oracledb method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 description: The hostname of the database server. database: type: string minLength: 1 description: The name of the database to connect to. port: type: number description: The port number of the database. username: type: string minLength: 1 description: The username to connect to the database with. sslEnabled: type: boolean description: Whether or not to use SSL when connecting to the database. sslRejectUnauthorized: type: boolean description: Whether or not to reject unauthorized SSL certificates. sslCertificate: type: string description: The SSL certificate to use for connection. required: - host - database - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OracleDB (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/1password: get: operationId: listOnePasswordAppConnections tags: - App Connections description: List the 1Password Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list 1Password Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - 1password method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 description: The URL of the 1Password Connect Server instance to authenticate with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: 1Password (API Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createOnePasswordAppConnection tags: - App Connections description: Create a 1Password Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-token description: The method used to authenticate with 1Password. credentials: type: object properties: apiToken: type: string minLength: 1 description: The API token used to access the 1Password Connect Server. instanceUrl: type: string format: uri minLength: 1 description: The URL of the 1Password Connect Server instance to authenticate with. required: - apiToken - instanceUrl additionalProperties: false description: The credentials used to connect with 1Password. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the 1Password Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the 1Password Connection. projectId: type: string description: The ID of the project to create the 1Password Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for 1Password Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for 1Password Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for 1Password Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for 1Password Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for 1Password Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - 1password method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 description: The URL of the 1Password Connect Server instance to authenticate with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: 1Password (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/1password/available: get: operationId: listOnePasswordAvailableAppConnections tags: - App Connections description: List the 1Password Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list 1Password Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - 1password name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/1password/{connectionId}: get: operationId: getOnePasswordAppConnection tags: - App Connections description: Get the specified 1Password Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the 1Password Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - 1password method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 description: The URL of the 1Password Connect Server instance to authenticate with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: 1Password (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOnePasswordAppConnection tags: - App Connections description: Update the specified 1Password Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiToken: type: string minLength: 1 description: The API token used to access the 1Password Connect Server. instanceUrl: type: string format: uri minLength: 1 description: The URL of the 1Password Connect Server instance to authenticate with. required: - apiToken - instanceUrl additionalProperties: false description: The credentials used to connect with 1Password. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the 1Password Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the 1Password Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for 1Password Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for 1Password Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for 1Password Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for 1Password Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for 1Password Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the 1Password Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - 1password method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 description: The URL of the 1Password Connect Server instance to authenticate with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: 1Password (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOnePasswordAppConnection tags: - App Connections description: Delete the specified 1Password Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the 1Password Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - 1password method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 description: The URL of the 1Password Connect Server instance to authenticate with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: 1Password (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/1password/connection-name/{connectionName}: get: operationId: getOnePasswordAppConnectionByName tags: - App Connections description: Get the specified 1Password Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the 1Password Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the 1Password Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - 1password method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 description: The URL of the 1Password Connect Server instance to authenticate with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: 1Password (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/1password/{connectionId}/rotate-credentials: post: operationId: rotateOnePasswordAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified 1Password Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the 1Password Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - 1password method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 description: The URL of the 1Password Connect Server instance to authenticate with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: 1Password (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/heroku: get: operationId: listHerokuAppConnections tags: - App Connections description: List the Heroku Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Heroku Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - heroku method: type: string enum: - auth-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Heroku (Auth Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - heroku method: type: string enum: - oauth credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Heroku (OAuth) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createHerokuAppConnection tags: - App Connections description: Create a Heroku Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - auth-token description: The method used to authenticate with Heroku. credentials: type: object properties: authToken: type: string minLength: 1 pattern: ^HRKU\- required: - authToken additionalProperties: false description: The credentials used to connect with Heroku. required: - method - credentials additionalProperties: false - type: object properties: method: type: string enum: - oauth description: The method used to authenticate with Heroku. credentials: anyOf: - type: object properties: code: type: string minLength: 1 required: - code additionalProperties: false - type: object properties: refreshToken: type: string minLength: 1 required: - refreshToken additionalProperties: false - type: object properties: authToken: type: string refreshToken: type: string expiresAt: type: string format: date-time required: - authToken - refreshToken - expiresAt additionalProperties: false description: The credentials used to connect with Heroku. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Heroku Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Heroku Connection. projectId: type: string description: The ID of the project to create the Heroku Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Heroku Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Heroku Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Heroku Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Heroku Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Heroku Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - heroku method: type: string enum: - auth-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Heroku (Auth Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - heroku method: type: string enum: - oauth credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Heroku (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/heroku/available: get: operationId: listHerokuAvailableAppConnections tags: - App Connections description: List the Heroku Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Heroku Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - heroku name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/heroku/{connectionId}: get: operationId: getHerokuAppConnection tags: - App Connections description: Get the specified Heroku Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Heroku Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - heroku method: type: string enum: - auth-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Heroku (Auth Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - heroku method: type: string enum: - oauth credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Heroku (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateHerokuAppConnection tags: - App Connections description: Update the specified Heroku Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: anyOf: - type: object properties: authToken: type: string minLength: 1 pattern: ^HRKU\- required: - authToken additionalProperties: false - type: object properties: authToken: type: string refreshToken: type: string expiresAt: type: string format: date-time required: - authToken - refreshToken - expiresAt additionalProperties: false - type: object properties: refreshToken: type: string minLength: 1 required: - refreshToken additionalProperties: false - type: object properties: code: type: string minLength: 1 required: - code additionalProperties: false description: The credentials used to connect with Heroku. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Heroku Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Heroku Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Heroku Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Heroku Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Heroku Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Heroku Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Heroku Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Heroku Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - heroku method: type: string enum: - auth-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Heroku (Auth Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - heroku method: type: string enum: - oauth credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Heroku (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteHerokuAppConnection tags: - App Connections description: Delete the specified Heroku Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Heroku Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - heroku method: type: string enum: - auth-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Heroku (Auth Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - heroku method: type: string enum: - oauth credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Heroku (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/heroku/connection-name/{connectionName}: get: operationId: getHerokuAppConnectionByName tags: - App Connections description: Get the specified Heroku Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Heroku Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Heroku Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - heroku method: type: string enum: - auth-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Heroku (Auth Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - heroku method: type: string enum: - oauth credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Heroku (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/heroku/{connectionId}/rotate-credentials: post: operationId: rotateHerokuAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Heroku Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Heroku Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - heroku method: type: string enum: - auth-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Heroku (Auth Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - heroku method: type: string enum: - oauth credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Heroku (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/render: get: operationId: listRenderAppConnections tags: - App Connections description: List the Render Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Render Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - render method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Render (API Key) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createRenderAppConnection tags: - App Connections description: Create a Render Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-key description: The method used to authenticate with Render. credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 256 required: - apiKey additionalProperties: false description: The credentials used to connect with Render. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Render Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Render Connection. projectId: type: string description: The ID of the project to create the Render Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Render Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Render Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Render Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Render Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Render Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - render method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Render (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/render/available: get: operationId: listRenderAvailableAppConnections tags: - App Connections description: List the Render Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Render Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - render name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/render/{connectionId}: get: operationId: getRenderAppConnection tags: - App Connections description: Get the specified Render Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Render Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - render method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Render (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateRenderAppConnection tags: - App Connections description: Update the specified Render Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 256 required: - apiKey additionalProperties: false description: The credentials used to connect with Render. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Render Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Render Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Render Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Render Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Render Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Render Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Render Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Render Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - render method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Render (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteRenderAppConnection tags: - App Connections description: Delete the specified Render Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Render Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - render method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Render (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/render/connection-name/{connectionName}: get: operationId: getRenderAppConnectionByName tags: - App Connections description: Get the specified Render Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Render Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Render Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - render method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Render (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/render/{connectionId}/rotate-credentials: post: operationId: rotateRenderAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Render Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Render Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - render method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Render (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/laravel-forge: get: operationId: listLaravelForgeAppConnections tags: - App Connections description: List the Laravel Forge Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Laravel Forge Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - laravel-forge method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Laravel Forge (API Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createLaravelForgeAppConnection tags: - App Connections description: Create a Laravel Forge Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-token description: The method used to authenticate with Laravel Forge. credentials: type: object properties: apiToken: type: string minLength: 1 description: The API token used to authenticate with Laravel Forge. required: - apiToken additionalProperties: false description: The credentials used to connect with Laravel Forge. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Laravel Forge Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Laravel Forge Connection. projectId: type: string description: The ID of the project to create the Laravel Forge Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Laravel Forge Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Laravel Forge Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Laravel Forge Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Laravel Forge Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Laravel Forge Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - laravel-forge method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Laravel Forge (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/laravel-forge/available: get: operationId: listLaravelForgeAvailableAppConnections tags: - App Connections description: List the Laravel Forge Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Laravel Forge Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - laravel-forge name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/laravel-forge/{connectionId}: get: operationId: getLaravelForgeAppConnection tags: - App Connections description: Get the specified Laravel Forge Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Laravel Forge Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - laravel-forge method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Laravel Forge (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateLaravelForgeAppConnection tags: - App Connections description: Update the specified Laravel Forge Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiToken: type: string minLength: 1 description: The API token used to authenticate with Laravel Forge. required: - apiToken additionalProperties: false description: The credentials used to connect with Laravel Forge. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Laravel Forge Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Laravel Forge Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Laravel Forge Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Laravel Forge Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Laravel Forge Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Laravel Forge Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Laravel Forge Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Laravel Forge Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - laravel-forge method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Laravel Forge (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteLaravelForgeAppConnection tags: - App Connections description: Delete the specified Laravel Forge Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Laravel Forge Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - laravel-forge method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Laravel Forge (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/laravel-forge/connection-name/{connectionName}: get: operationId: getLaravelForgeAppConnectionByName tags: - App Connections description: Get the specified Laravel Forge Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Laravel Forge Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Laravel Forge Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - laravel-forge method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Laravel Forge (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/laravel-forge/{connectionId}/rotate-credentials: post: operationId: rotateLaravelForgeAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Laravel Forge Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Laravel Forge Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - laravel-forge method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Laravel Forge (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/flyio: get: operationId: listFlyioAppConnections tags: - App Connections description: List the Fly.io Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Fly.io Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - flyio method: type: string enum: - access-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Fly.io (Access Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createFlyioAppConnection tags: - App Connections description: Create a Fly.io Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - access-token description: The method used to authenticate with Fly.io. credentials: type: object properties: accessToken: type: string minLength: 1 maxLength: 1000 pattern: ^FlyV1 description: The Access Token used to access fly.io. required: - accessToken additionalProperties: false description: The credentials used to connect with Fly.io. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Fly.io Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Fly.io Connection. projectId: type: string description: The ID of the project to create the Fly.io Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Fly.io Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Fly.io Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Fly.io Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Fly.io Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Fly.io Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - flyio method: type: string enum: - access-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Fly.io (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/flyio/available: get: operationId: listFlyioAvailableAppConnections tags: - App Connections description: List the Fly.io Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Fly.io Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - flyio name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/flyio/{connectionId}: get: operationId: getFlyioAppConnection tags: - App Connections description: Get the specified Fly.io Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Fly.io Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - flyio method: type: string enum: - access-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Fly.io (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateFlyioAppConnection tags: - App Connections description: Update the specified Fly.io Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: accessToken: type: string minLength: 1 maxLength: 1000 pattern: ^FlyV1 description: The Access Token used to access fly.io. required: - accessToken additionalProperties: false description: The credentials used to connect with Fly.io. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Fly.io Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Fly.io Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Fly.io Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Fly.io Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Fly.io Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Fly.io Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Fly.io Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Fly.io Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - flyio method: type: string enum: - access-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Fly.io (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteFlyioAppConnection tags: - App Connections description: Delete the specified Fly.io Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Fly.io Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - flyio method: type: string enum: - access-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Fly.io (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/flyio/connection-name/{connectionName}: get: operationId: getFlyioAppConnectionByName tags: - App Connections description: Get the specified Fly.io Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Fly.io Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Fly.io Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - flyio method: type: string enum: - access-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Fly.io (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/flyio/{connectionId}/rotate-credentials: post: operationId: rotateFlyioAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Fly.io Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Fly.io Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - flyio method: type: string enum: - access-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Fly.io (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/gitlab: get: operationId: listGitLabAppConnections tags: - App Connections description: List the GitLab Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list GitLab Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gitlab method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. accessTokenType: type: string enum: - project - personal - group description: The type of token used to connect with GitLab. required: - accessTokenType additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitLab (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gitlab method: type: string enum: - oauth credentials: type: object properties: instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitLab (OAuth) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createGitLabAppConnection tags: - App Connections description: Create a GitLab Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - access-token description: The method used to authenticate with GitLab. credentials: type: object properties: accessToken: type: string minLength: 1 description: The Access Token used to access GitLab. instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. accessTokenType: type: string enum: - project - personal - group description: The type of token used to connect with GitLab. required: - accessToken - accessTokenType additionalProperties: false description: The credentials used to connect with GitLab. required: - method - credentials additionalProperties: false - type: object properties: method: type: string enum: - oauth description: The method used to authenticate with GitLab. credentials: anyOf: - type: object properties: code: type: string minLength: 1 description: The OAuth code to use to connect with GitLab. instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. required: - code additionalProperties: false - type: object properties: refreshToken: type: string minLength: 1 instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. required: - refreshToken additionalProperties: false - type: object properties: accessToken: type: string refreshToken: type: string expiresAt: type: string format: date-time tokenType: type: string default: bearer createdAt: type: string instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. required: - accessToken - refreshToken - expiresAt additionalProperties: false description: The credentials used to connect with GitLab. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the GitLab Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the GitLab Connection. projectId: type: string description: The ID of the project to create the GitLab Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for GitLab Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GitLab Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GitLab Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for GitLab Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GitLab Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gitlab method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. accessTokenType: type: string enum: - project - personal - group description: The type of token used to connect with GitLab. required: - accessTokenType additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitLab (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gitlab method: type: string enum: - oauth credentials: type: object properties: instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitLab (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/gitlab/available: get: operationId: listGitLabAvailableAppConnections tags: - App Connections description: List the GitLab Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list GitLab Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/gitlab/{connectionId}: get: operationId: getGitLabAppConnection tags: - App Connections description: Get the specified GitLab Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GitLab Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gitlab method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. accessTokenType: type: string enum: - project - personal - group description: The type of token used to connect with GitLab. required: - accessTokenType additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitLab (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gitlab method: type: string enum: - oauth credentials: type: object properties: instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitLab (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateGitLabAppConnection tags: - App Connections description: Update the specified GitLab Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: anyOf: - type: object properties: accessToken: type: string minLength: 1 description: The Access Token used to access GitLab. instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. accessTokenType: type: string enum: - project - personal - group description: The type of token used to connect with GitLab. required: - accessToken - accessTokenType additionalProperties: false - type: object properties: accessToken: type: string refreshToken: type: string expiresAt: type: string format: date-time tokenType: type: string default: bearer createdAt: type: string instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. required: - accessToken - refreshToken - expiresAt additionalProperties: false - type: object properties: refreshToken: type: string minLength: 1 instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. required: - refreshToken additionalProperties: false - type: object properties: code: type: string minLength: 1 description: The OAuth code to use to connect with GitLab. instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. required: - code additionalProperties: false description: The credentials used to connect with GitLab. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the GitLab Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the GitLab Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for GitLab Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GitLab Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GitLab Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for GitLab Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GitLab Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GitLab Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gitlab method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. accessTokenType: type: string enum: - project - personal - group description: The type of token used to connect with GitLab. required: - accessTokenType additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitLab (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gitlab method: type: string enum: - oauth credentials: type: object properties: instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitLab (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteGitLabAppConnection tags: - App Connections description: Delete the specified GitLab Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GitLab Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gitlab method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. accessTokenType: type: string enum: - project - personal - group description: The type of token used to connect with GitLab. required: - accessTokenType additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitLab (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gitlab method: type: string enum: - oauth credentials: type: object properties: instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitLab (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/gitlab/connection-name/{connectionName}: get: operationId: getGitLabAppConnectionByName tags: - App Connections description: Get the specified GitLab Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the GitLab Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the GitLab Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gitlab method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. accessTokenType: type: string enum: - project - personal - group description: The type of token used to connect with GitLab. required: - accessTokenType additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitLab (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gitlab method: type: string enum: - oauth credentials: type: object properties: instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitLab (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/gitlab/{connectionId}/rotate-credentials: post: operationId: rotateGitLabAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified GitLab Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GitLab Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gitlab method: type: string enum: - access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. accessTokenType: type: string enum: - project - personal - group description: The type of token used to connect with GitLab. required: - accessTokenType additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitLab (Access Token) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - gitlab method: type: string enum: - oauth credentials: type: object properties: instanceUrl: type: string format: uri description: The GitLab instance URL to connect with. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GitLab (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/cloudflare: get: operationId: listCloudflareAppConnections tags: - App Connections description: List the Cloudflare Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Cloudflare Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - cloudflare method: type: string enum: - api-token credentials: type: object properties: accountId: type: string minLength: 1 maxLength: 256 required: - accountId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Cloudflare (API Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createCloudflareAppConnection tags: - App Connections description: Create a Cloudflare Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-token description: The method used to authenticate with Cloudflare. credentials: type: object properties: accountId: type: string minLength: 1 maxLength: 256 apiToken: type: string minLength: 1 maxLength: 256 required: - accountId - apiToken additionalProperties: false description: The credentials used to connect with Cloudflare. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Cloudflare Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Cloudflare Connection. projectId: type: string description: The ID of the project to create the Cloudflare Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Cloudflare Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Cloudflare Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Cloudflare Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Cloudflare Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Cloudflare Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - cloudflare method: type: string enum: - api-token credentials: type: object properties: accountId: type: string minLength: 1 maxLength: 256 required: - accountId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Cloudflare (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/cloudflare/available: get: operationId: listCloudflareAvailableAppConnections tags: - App Connections description: List the Cloudflare Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Cloudflare Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/cloudflare/{connectionId}: get: operationId: getCloudflareAppConnection tags: - App Connections description: Get the specified Cloudflare Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Cloudflare Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - cloudflare method: type: string enum: - api-token credentials: type: object properties: accountId: type: string minLength: 1 maxLength: 256 required: - accountId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Cloudflare (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateCloudflareAppConnection tags: - App Connections description: Update the specified Cloudflare Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: accountId: type: string minLength: 1 maxLength: 256 apiToken: type: string minLength: 1 maxLength: 256 required: - accountId - apiToken additionalProperties: false description: The credentials used to connect with Cloudflare. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Cloudflare Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Cloudflare Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Cloudflare Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Cloudflare Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Cloudflare Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Cloudflare Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Cloudflare Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Cloudflare Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - cloudflare method: type: string enum: - api-token credentials: type: object properties: accountId: type: string minLength: 1 maxLength: 256 required: - accountId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Cloudflare (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteCloudflareAppConnection tags: - App Connections description: Delete the specified Cloudflare Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Cloudflare Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - cloudflare method: type: string enum: - api-token credentials: type: object properties: accountId: type: string minLength: 1 maxLength: 256 required: - accountId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Cloudflare (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/cloudflare/connection-name/{connectionName}: get: operationId: getCloudflareAppConnectionByName tags: - App Connections description: Get the specified Cloudflare Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Cloudflare Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Cloudflare Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - cloudflare method: type: string enum: - api-token credentials: type: object properties: accountId: type: string minLength: 1 maxLength: 256 required: - accountId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Cloudflare (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/cloudflare/{connectionId}/rotate-credentials: post: operationId: rotateCloudflareAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Cloudflare Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Cloudflare Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - cloudflare method: type: string enum: - api-token credentials: type: object properties: accountId: type: string minLength: 1 maxLength: 256 required: - accountId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Cloudflare (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/dns-made-easy: get: operationId: listDnsMadeEasyAppConnections tags: - App Connections description: List the DNS Made Easy Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list DNS Made Easy Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - dns-made-easy method: type: string enum: - api-key-secret credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 256 required: - apiKey additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DNS Made Easy (API Key) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createDnsMadeEasyAppConnection tags: - App Connections description: Create a DNS Made Easy Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-key-secret description: The method used to authenticate with DNS Made Easy. credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 256 secretKey: type: string minLength: 1 maxLength: 256 required: - apiKey - secretKey additionalProperties: false description: The credentials used to connect with DNS Made Easy. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the DNS Made Easy Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the DNS Made Easy Connection. projectId: type: string description: The ID of the project to create the DNS Made Easy Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for DNS Made Easy Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DNS Made Easy Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DNS Made Easy Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for DNS Made Easy Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DNS Made Easy Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - dns-made-easy method: type: string enum: - api-key-secret credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 256 required: - apiKey additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DNS Made Easy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/dns-made-easy/available: get: operationId: listDnsMadeEasyAvailableAppConnections tags: - App Connections description: List the DNS Made Easy Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list DNS Made Easy Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - dns-made-easy name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/dns-made-easy/{connectionId}: get: operationId: getDnsMadeEasyAppConnection tags: - App Connections description: Get the specified DNS Made Easy Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the DNS Made Easy Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - dns-made-easy method: type: string enum: - api-key-secret credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 256 required: - apiKey additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DNS Made Easy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateDnsMadeEasyAppConnection tags: - App Connections description: Update the specified DNS Made Easy Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 256 secretKey: type: string minLength: 1 maxLength: 256 required: - apiKey - secretKey additionalProperties: false description: The credentials used to connect with DNS Made Easy. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the DNS Made Easy Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the DNS Made Easy Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for DNS Made Easy Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DNS Made Easy Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DNS Made Easy Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for DNS Made Easy Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DNS Made Easy Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the DNS Made Easy Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - dns-made-easy method: type: string enum: - api-key-secret credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 256 required: - apiKey additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DNS Made Easy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteDnsMadeEasyAppConnection tags: - App Connections description: Delete the specified DNS Made Easy Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the DNS Made Easy Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - dns-made-easy method: type: string enum: - api-key-secret credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 256 required: - apiKey additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DNS Made Easy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/dns-made-easy/connection-name/{connectionName}: get: operationId: getDnsMadeEasyAppConnectionByName tags: - App Connections description: Get the specified DNS Made Easy Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the DNS Made Easy Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the DNS Made Easy Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - dns-made-easy method: type: string enum: - api-key-secret credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 256 required: - apiKey additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DNS Made Easy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/dns-made-easy/{connectionId}/rotate-credentials: post: operationId: rotateDnsMadeEasyAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified DNS Made Easy Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the DNS Made Easy Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - dns-made-easy method: type: string enum: - api-key-secret credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 256 required: - apiKey additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DNS Made Easy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/bitbucket: get: operationId: listBitbucketAppConnections tags: - App Connections description: List the Bitbucket Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Bitbucket Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - bitbucket method: type: string enum: - api-token credentials: type: object properties: email: type: string format: email minLength: 1 maxLength: 255 description: The email used to access Bitbucket. required: - email additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Bitbucket (API Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createBitbucketAppConnection tags: - App Connections description: Create a Bitbucket Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-token description: The method used to authenticate with Bitbucket. credentials: type: object properties: apiToken: type: string minLength: 1 maxLength: 255 description: The API token used to access Bitbucket. email: type: string format: email minLength: 1 maxLength: 255 description: The email used to access Bitbucket. required: - apiToken - email additionalProperties: false description: The credentials used to connect with Bitbucket. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Bitbucket Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Bitbucket Connection. projectId: type: string description: The ID of the project to create the Bitbucket Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Bitbucket Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Bitbucket Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Bitbucket Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Bitbucket Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Bitbucket Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - bitbucket method: type: string enum: - api-token credentials: type: object properties: email: type: string format: email minLength: 1 maxLength: 255 description: The email used to access Bitbucket. required: - email additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Bitbucket (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/bitbucket/available: get: operationId: listBitbucketAvailableAppConnections tags: - App Connections description: List the Bitbucket Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Bitbucket Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/bitbucket/{connectionId}: get: operationId: getBitbucketAppConnection tags: - App Connections description: Get the specified Bitbucket Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Bitbucket Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - bitbucket method: type: string enum: - api-token credentials: type: object properties: email: type: string format: email minLength: 1 maxLength: 255 description: The email used to access Bitbucket. required: - email additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Bitbucket (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateBitbucketAppConnection tags: - App Connections description: Update the specified Bitbucket Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiToken: type: string minLength: 1 maxLength: 255 description: The API token used to access Bitbucket. email: type: string format: email minLength: 1 maxLength: 255 description: The email used to access Bitbucket. required: - apiToken - email additionalProperties: false description: The credentials used to connect with Bitbucket. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Bitbucket Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Bitbucket Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Bitbucket Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Bitbucket Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Bitbucket Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Bitbucket Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Bitbucket Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Bitbucket Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - bitbucket method: type: string enum: - api-token credentials: type: object properties: email: type: string format: email minLength: 1 maxLength: 255 description: The email used to access Bitbucket. required: - email additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Bitbucket (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteBitbucketAppConnection tags: - App Connections description: Delete the specified Bitbucket Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Bitbucket Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - bitbucket method: type: string enum: - api-token credentials: type: object properties: email: type: string format: email minLength: 1 maxLength: 255 description: The email used to access Bitbucket. required: - email additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Bitbucket (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/bitbucket/connection-name/{connectionName}: get: operationId: getBitbucketAppConnectionByName tags: - App Connections description: Get the specified Bitbucket Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Bitbucket Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Bitbucket Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - bitbucket method: type: string enum: - api-token credentials: type: object properties: email: type: string format: email minLength: 1 maxLength: 255 description: The email used to access Bitbucket. required: - email additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Bitbucket (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/bitbucket/{connectionId}/rotate-credentials: post: operationId: rotateBitbucketAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Bitbucket Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Bitbucket Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - bitbucket method: type: string enum: - api-token credentials: type: object properties: email: type: string format: email minLength: 1 maxLength: 255 description: The email used to access Bitbucket. required: - email additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Bitbucket (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/zabbix: get: operationId: listZabbixAppConnections tags: - App Connections description: List the Zabbix Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Zabbix Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - zabbix method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Zabbix instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Zabbix (API Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createZabbixAppConnection tags: - App Connections description: Create a Zabbix Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-token description: The method used to authenticate with Zabbix. credentials: type: object properties: apiToken: type: string minLength: 1 maxLength: 1000 description: The API Token used to access Zabbix. instanceUrl: type: string format: uri description: The Zabbix instance URL to connect with. required: - apiToken - instanceUrl additionalProperties: false description: The credentials used to connect with Zabbix. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Zabbix Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Zabbix Connection. projectId: type: string description: The ID of the project to create the Zabbix Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Zabbix Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Zabbix Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Zabbix Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Zabbix Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Zabbix Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - zabbix method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Zabbix instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Zabbix (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/zabbix/available: get: operationId: listZabbixAvailableAppConnections tags: - App Connections description: List the Zabbix Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Zabbix Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - zabbix name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/zabbix/{connectionId}: get: operationId: getZabbixAppConnection tags: - App Connections description: Get the specified Zabbix Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Zabbix Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - zabbix method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Zabbix instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Zabbix (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateZabbixAppConnection tags: - App Connections description: Update the specified Zabbix Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiToken: type: string minLength: 1 maxLength: 1000 description: The API Token used to access Zabbix. instanceUrl: type: string format: uri description: The Zabbix instance URL to connect with. required: - apiToken - instanceUrl additionalProperties: false description: The credentials used to connect with Zabbix. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Zabbix Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Zabbix Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Zabbix Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Zabbix Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Zabbix Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Zabbix Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Zabbix Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Zabbix Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - zabbix method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Zabbix instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Zabbix (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteZabbixAppConnection tags: - App Connections description: Delete the specified Zabbix Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Zabbix Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - zabbix method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Zabbix instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Zabbix (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/zabbix/connection-name/{connectionName}: get: operationId: getZabbixAppConnectionByName tags: - App Connections description: Get the specified Zabbix Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Zabbix Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Zabbix Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - zabbix method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Zabbix instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Zabbix (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/zabbix/{connectionId}/rotate-credentials: post: operationId: rotateZabbixAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Zabbix Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Zabbix Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - zabbix method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Zabbix instance URL to connect with. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Zabbix (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/railway: get: operationId: listRailwayAppConnections tags: - App Connections description: List the Railway Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Railway Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - railway method: type: string enum: - account-token - project-token - team-token description: The method used to authenticate with Railway. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Railway (Access Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createRailwayAppConnection tags: - App Connections description: Create a Railway Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - account-token - project-token - team-token description: The method used to authenticate with Railway. credentials: type: object properties: apiToken: type: string minLength: 1 maxLength: 255 description: The API token used to authenticate with Railway. required: - apiToken additionalProperties: false description: The credentials used to connect with Railway. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Railway Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Railway Connection. projectId: type: string description: The ID of the project to create the Railway Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Railway Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Railway Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Railway Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Railway Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Railway Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - railway method: type: string enum: - account-token - project-token - team-token description: The method used to authenticate with Railway. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Railway (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/railway/available: get: operationId: listRailwayAvailableAppConnections tags: - App Connections description: List the Railway Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Railway Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - railway name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/railway/{connectionId}: get: operationId: getRailwayAppConnection tags: - App Connections description: Get the specified Railway Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Railway Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - railway method: type: string enum: - account-token - project-token - team-token description: The method used to authenticate with Railway. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Railway (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateRailwayAppConnection tags: - App Connections description: Update the specified Railway Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiToken: type: string minLength: 1 maxLength: 255 description: The API token used to authenticate with Railway. required: - apiToken additionalProperties: false description: The credentials used to connect with Railway. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Railway Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Railway Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Railway Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Railway Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Railway Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Railway Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Railway Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Railway Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - railway method: type: string enum: - account-token - project-token - team-token description: The method used to authenticate with Railway. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Railway (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteRailwayAppConnection tags: - App Connections description: Delete the specified Railway Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Railway Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - railway method: type: string enum: - account-token - project-token - team-token description: The method used to authenticate with Railway. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Railway (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/railway/connection-name/{connectionName}: get: operationId: getRailwayAppConnectionByName tags: - App Connections description: Get the specified Railway Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Railway Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Railway Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - railway method: type: string enum: - account-token - project-token - team-token description: The method used to authenticate with Railway. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Railway (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/railway/{connectionId}/rotate-credentials: post: operationId: rotateRailwayAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Railway Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Railway Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - railway method: type: string enum: - account-token - project-token - team-token description: The method used to authenticate with Railway. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Railway (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/checkly: get: operationId: listChecklyAppConnections tags: - App Connections description: List the Checkly Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Checkly Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - checkly method: type: string enum: - api-key description: The method used to authenticate with Checkly. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Checkly (Access Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createChecklyAppConnection tags: - App Connections description: Create a Checkly Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-key description: The method used to authenticate with Checkly. credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 255 description: The API key used to authenticate with Checkly. required: - apiKey additionalProperties: false description: The credentials used to connect with Checkly. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Checkly Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Checkly Connection. projectId: type: string description: The ID of the project to create the Checkly Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Checkly Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Checkly Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Checkly Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Checkly Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Checkly Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - checkly method: type: string enum: - api-key description: The method used to authenticate with Checkly. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Checkly (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/checkly/available: get: operationId: listChecklyAvailableAppConnections tags: - App Connections description: List the Checkly Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Checkly Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - checkly name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/checkly/{connectionId}: get: operationId: getChecklyAppConnection tags: - App Connections description: Get the specified Checkly Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Checkly Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - checkly method: type: string enum: - api-key description: The method used to authenticate with Checkly. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Checkly (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateChecklyAppConnection tags: - App Connections description: Update the specified Checkly Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 255 description: The API key used to authenticate with Checkly. required: - apiKey additionalProperties: false description: The credentials used to connect with Checkly. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Checkly Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Checkly Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Checkly Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Checkly Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Checkly Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Checkly Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Checkly Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Checkly Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - checkly method: type: string enum: - api-key description: The method used to authenticate with Checkly. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Checkly (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteChecklyAppConnection tags: - App Connections description: Delete the specified Checkly Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Checkly Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - checkly method: type: string enum: - api-key description: The method used to authenticate with Checkly. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Checkly (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/checkly/connection-name/{connectionName}: get: operationId: getChecklyAppConnectionByName tags: - App Connections description: Get the specified Checkly Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Checkly Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Checkly Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - checkly method: type: string enum: - api-key description: The method used to authenticate with Checkly. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Checkly (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/checkly/{connectionId}/rotate-credentials: post: operationId: rotateChecklyAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Checkly Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Checkly Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - checkly method: type: string enum: - api-key description: The method used to authenticate with Checkly. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Checkly (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/supabase: get: operationId: listSupabaseAppConnections tags: - App Connections description: List the Supabase Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Supabase Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - supabase method: type: string enum: - access-token description: The method used to authenticate with Supabase. credentials: type: object properties: instanceUrl: type: string format: uri maxLength: 255 description: The URL used to access Supabase. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Supabase (Access Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createSupabaseAppConnection tags: - App Connections description: Create a Supabase Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - access-token description: The method used to authenticate with Supabase. credentials: type: object properties: accessKey: type: string minLength: 1 maxLength: 255 description: The Key used to access Supabase. instanceUrl: type: string format: uri maxLength: 255 description: The URL used to access Supabase. required: - accessKey additionalProperties: false description: The credentials used to connect with Supabase. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Supabase Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Supabase Connection. projectId: type: string description: The ID of the project to create the Supabase Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Supabase Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Supabase Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Supabase Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Supabase Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Supabase Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - supabase method: type: string enum: - access-token description: The method used to authenticate with Supabase. credentials: type: object properties: instanceUrl: type: string format: uri maxLength: 255 description: The URL used to access Supabase. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Supabase (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/supabase/available: get: operationId: listSupabaseAvailableAppConnections tags: - App Connections description: List the Supabase Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Supabase Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/supabase/{connectionId}: get: operationId: getSupabaseAppConnection tags: - App Connections description: Get the specified Supabase Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Supabase Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - supabase method: type: string enum: - access-token description: The method used to authenticate with Supabase. credentials: type: object properties: instanceUrl: type: string format: uri maxLength: 255 description: The URL used to access Supabase. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Supabase (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateSupabaseAppConnection tags: - App Connections description: Update the specified Supabase Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: accessKey: type: string minLength: 1 maxLength: 255 description: The Key used to access Supabase. instanceUrl: type: string format: uri maxLength: 255 description: The URL used to access Supabase. required: - accessKey additionalProperties: false description: The credentials used to connect with Supabase. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Supabase Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Supabase Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Supabase Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Supabase Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Supabase Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Supabase Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Supabase Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Supabase Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - supabase method: type: string enum: - access-token description: The method used to authenticate with Supabase. credentials: type: object properties: instanceUrl: type: string format: uri maxLength: 255 description: The URL used to access Supabase. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Supabase (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteSupabaseAppConnection tags: - App Connections description: Delete the specified Supabase Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Supabase Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - supabase method: type: string enum: - access-token description: The method used to authenticate with Supabase. credentials: type: object properties: instanceUrl: type: string format: uri maxLength: 255 description: The URL used to access Supabase. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Supabase (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/supabase/connection-name/{connectionName}: get: operationId: getSupabaseAppConnectionByName tags: - App Connections description: Get the specified Supabase Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Supabase Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Supabase Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - supabase method: type: string enum: - access-token description: The method used to authenticate with Supabase. credentials: type: object properties: instanceUrl: type: string format: uri maxLength: 255 description: The URL used to access Supabase. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Supabase (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/supabase/{connectionId}/rotate-credentials: post: operationId: rotateSupabaseAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Supabase Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Supabase Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - supabase method: type: string enum: - access-token description: The method used to authenticate with Supabase. credentials: type: object properties: instanceUrl: type: string format: uri maxLength: 255 description: The URL used to access Supabase. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Supabase (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/digital-ocean: get: operationId: listDigitalOceanAppConnections tags: - App Connections description: List the DigitalOcean App Platform Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list DigitalOcean App Platform Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - digital-ocean method: type: string enum: - api-token description: The method used to authenticate with DigitalOcean App Platform. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DigitalOcean App Platform (Access Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createDigitalOceanAppConnection tags: - App Connections description: Create a DigitalOcean App Platform Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-token description: The method used to authenticate with DigitalOcean App Platform. credentials: type: object properties: apiToken: type: string minLength: 1 maxLength: 255 description: The API token used to authenticate with Digital Ocean App Platform. required: - apiToken additionalProperties: false description: The credentials used to connect with DigitalOcean App Platform. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the DigitalOcean App Platform Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the DigitalOcean App Platform Connection. projectId: type: string description: The ID of the project to create the DigitalOcean App Platform Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for DigitalOcean App Platform Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DigitalOcean App Platform Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DigitalOcean App Platform Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for DigitalOcean App Platform Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DigitalOcean App Platform Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - digital-ocean method: type: string enum: - api-token description: The method used to authenticate with DigitalOcean App Platform. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DigitalOcean App Platform (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/digital-ocean/available: get: operationId: listDigitalOceanAvailableAppConnections tags: - App Connections description: List the DigitalOcean App Platform Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list DigitalOcean App Platform Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - digital-ocean name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/digital-ocean/{connectionId}: get: operationId: getDigitalOceanAppConnection tags: - App Connections description: Get the specified DigitalOcean App Platform Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the DigitalOcean App Platform Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - digital-ocean method: type: string enum: - api-token description: The method used to authenticate with DigitalOcean App Platform. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DigitalOcean App Platform (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateDigitalOceanAppConnection tags: - App Connections description: Update the specified DigitalOcean App Platform Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiToken: type: string minLength: 1 maxLength: 255 description: The API token used to authenticate with Digital Ocean App Platform. required: - apiToken additionalProperties: false description: The credentials used to connect with DigitalOcean App Platform. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the DigitalOcean App Platform Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the DigitalOcean App Platform Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for DigitalOcean App Platform Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DigitalOcean App Platform Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DigitalOcean App Platform Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for DigitalOcean App Platform Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DigitalOcean App Platform Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the DigitalOcean App Platform Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - digital-ocean method: type: string enum: - api-token description: The method used to authenticate with DigitalOcean App Platform. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DigitalOcean App Platform (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteDigitalOceanAppConnection tags: - App Connections description: Delete the specified DigitalOcean App Platform Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the DigitalOcean App Platform Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - digital-ocean method: type: string enum: - api-token description: The method used to authenticate with DigitalOcean App Platform. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DigitalOcean App Platform (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/digital-ocean/connection-name/{connectionName}: get: operationId: getDigitalOceanAppConnectionByName tags: - App Connections description: Get the specified DigitalOcean App Platform Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the DigitalOcean App Platform Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the DigitalOcean App Platform Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - digital-ocean method: type: string enum: - api-token description: The method used to authenticate with DigitalOcean App Platform. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DigitalOcean App Platform (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/digital-ocean/{connectionId}/rotate-credentials: post: operationId: rotateDigitalOceanAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified DigitalOcean App Platform Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the DigitalOcean App Platform Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - digital-ocean method: type: string enum: - api-token description: The method used to authenticate with DigitalOcean App Platform. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DigitalOcean App Platform (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/netlify: get: operationId: listNetlifyAppConnections tags: - App Connections description: List the Netlify Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Netlify Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - netlify method: type: string enum: - access-token description: The method used to authenticate with Netlify. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Netlify (Access Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createNetlifyAppConnection tags: - App Connections description: Create a Netlify Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - access-token description: The method used to authenticate with Netlify. credentials: type: object properties: accessToken: type: string minLength: 1 maxLength: 255 description: The Access token used to authenticate with Netlify. required: - accessToken additionalProperties: false description: The credentials used to connect with Netlify. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Netlify Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Netlify Connection. projectId: type: string description: The ID of the project to create the Netlify Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Netlify Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Netlify Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Netlify Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Netlify Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Netlify Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - netlify method: type: string enum: - access-token description: The method used to authenticate with Netlify. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Netlify (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/netlify/available: get: operationId: listNetlifyAvailableAppConnections tags: - App Connections description: List the Netlify Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Netlify Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - netlify name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/netlify/{connectionId}: get: operationId: getNetlifyAppConnection tags: - App Connections description: Get the specified Netlify Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Netlify Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - netlify method: type: string enum: - access-token description: The method used to authenticate with Netlify. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Netlify (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateNetlifyAppConnection tags: - App Connections description: Update the specified Netlify Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: accessToken: type: string minLength: 1 maxLength: 255 description: The Access token used to authenticate with Netlify. required: - accessToken additionalProperties: false description: The credentials used to connect with Netlify. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Netlify Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Netlify Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Netlify Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Netlify Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Netlify Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Netlify Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Netlify Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Netlify Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - netlify method: type: string enum: - access-token description: The method used to authenticate with Netlify. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Netlify (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteNetlifyAppConnection tags: - App Connections description: Delete the specified Netlify Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Netlify Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - netlify method: type: string enum: - access-token description: The method used to authenticate with Netlify. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Netlify (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/netlify/connection-name/{connectionName}: get: operationId: getNetlifyAppConnectionByName tags: - App Connections description: Get the specified Netlify Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Netlify Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Netlify Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - netlify method: type: string enum: - access-token description: The method used to authenticate with Netlify. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Netlify (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/netlify/{connectionId}/rotate-credentials: post: operationId: rotateNetlifyAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Netlify Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Netlify Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - netlify method: type: string enum: - access-token description: The method used to authenticate with Netlify. credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Netlify (Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/northflank: get: operationId: listNorthflankAppConnections tags: - App Connections description: List the Northflank Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Northflank Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - northflank method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Northflank (API Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createNorthflankAppConnection tags: - App Connections description: Create a Northflank Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-token description: The method used to authenticate with Northflank. credentials: type: object properties: apiToken: type: string minLength: 1 description: The API token used to authenticate with Northflank. required: - apiToken additionalProperties: false description: The credentials used to connect with Northflank. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Northflank Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Northflank Connection. projectId: type: string description: The ID of the project to create the Northflank Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Northflank Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Northflank Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Northflank Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Northflank Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Northflank Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - northflank method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Northflank (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/northflank/available: get: operationId: listNorthflankAvailableAppConnections tags: - App Connections description: List the Northflank Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Northflank Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - northflank name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/northflank/{connectionId}: get: operationId: getNorthflankAppConnection tags: - App Connections description: Get the specified Northflank Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Northflank Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - northflank method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Northflank (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateNorthflankAppConnection tags: - App Connections description: Update the specified Northflank Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiToken: type: string minLength: 1 description: The API token used to authenticate with Northflank. required: - apiToken additionalProperties: false description: The credentials used to connect with Northflank. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Northflank Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Northflank Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Northflank Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Northflank Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Northflank Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Northflank Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Northflank Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Northflank Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - northflank method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Northflank (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteNorthflankAppConnection tags: - App Connections description: Delete the specified Northflank Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Northflank Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - northflank method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Northflank (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/northflank/connection-name/{connectionName}: get: operationId: getNorthflankAppConnectionByName tags: - App Connections description: Get the specified Northflank Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Northflank Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Northflank Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - northflank method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Northflank (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/northflank/{connectionId}/rotate-credentials: post: operationId: rotateNorthflankAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Northflank Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Northflank Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - northflank method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Northflank (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/okta: get: operationId: listOktaAppConnections tags: - App Connections description: List the Okta Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Okta Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - okta method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The URL used to access your Okta organization. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Okta (API Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createOktaAppConnection tags: - App Connections description: Create an Okta Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-token description: The method used to authenticate with Okta. credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The URL used to access your Okta organization. apiToken: type: string minLength: 1 description: The API token used to authenticate with Okta. required: - instanceUrl - apiToken additionalProperties: false description: The credentials used to connect with Okta. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Okta Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Okta Connection. projectId: type: string description: The ID of the project to create the Okta Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Okta Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Okta Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Okta Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Okta Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Okta Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - okta method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The URL used to access your Okta organization. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Okta (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/okta/available: get: operationId: listOktaAvailableAppConnections tags: - App Connections description: List the Okta Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Okta Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - okta name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/okta/{connectionId}: get: operationId: getOktaAppConnection tags: - App Connections description: Get the specified Okta Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Okta Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - okta method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The URL used to access your Okta organization. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Okta (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOktaAppConnection tags: - App Connections description: Update the specified Okta Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The URL used to access your Okta organization. apiToken: type: string minLength: 1 description: The API token used to authenticate with Okta. required: - instanceUrl - apiToken additionalProperties: false description: The credentials used to connect with Okta. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Okta Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Okta Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Okta Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Okta Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Okta Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Okta Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Okta Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Okta Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - okta method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The URL used to access your Okta organization. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Okta (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOktaAppConnection tags: - App Connections description: Delete the specified Okta Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Okta Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - okta method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The URL used to access your Okta organization. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Okta (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/okta/connection-name/{connectionName}: get: operationId: getOktaAppConnectionByName tags: - App Connections description: Get the specified Okta Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Okta Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Okta Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - okta method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The URL used to access your Okta organization. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Okta (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/okta/{connectionId}/rotate-credentials: post: operationId: rotateOktaAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Okta Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Okta Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - okta method: type: string enum: - api-token credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The URL used to access your Okta organization. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Okta (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/redis: get: operationId: listRedisAppConnections tags: - App Connections description: List the Redis Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Redis Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - redis method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 sslEnabled: type: boolean sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - host - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Redis (Username and Password) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createRedisAppConnection tags: - App Connections description: Create a Redis Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - username-and-password description: The method used to authenticate with Redis. credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 password: type: string minLength: 1 sslRejectUnauthorized: type: boolean sslEnabled: type: boolean sslCertificate: type: string required: - host - port - username - sslRejectUnauthorized - sslEnabled additionalProperties: false description: The credentials used to connect with Redis. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Redis Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Redis Connection. projectId: type: string description: The ID of the project to create the Redis Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Redis Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Redis Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Redis Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Redis Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Redis Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - redis method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 sslEnabled: type: boolean sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - host - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Redis (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/redis/available: get: operationId: listRedisAvailableAppConnections tags: - App Connections description: List the Redis Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Redis Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - redis name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/redis/{connectionId}: get: operationId: getRedisAppConnection tags: - App Connections description: Get the specified Redis Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Redis Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - redis method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 sslEnabled: type: boolean sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - host - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Redis (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateRedisAppConnection tags: - App Connections description: Update the specified Redis Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 password: type: string minLength: 1 sslRejectUnauthorized: type: boolean sslEnabled: type: boolean sslCertificate: type: string required: - host - port - username - sslRejectUnauthorized - sslEnabled additionalProperties: false description: The credentials used to connect with Redis. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Redis Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Redis Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Redis Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Redis Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Redis Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Redis Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Redis Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Redis Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - redis method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 sslEnabled: type: boolean sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - host - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Redis (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteRedisAppConnection tags: - App Connections description: Delete the specified Redis Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Redis Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - redis method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 sslEnabled: type: boolean sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - host - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Redis (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/redis/connection-name/{connectionName}: get: operationId: getRedisAppConnectionByName tags: - App Connections description: Get the specified Redis Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Redis Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Redis Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - redis method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 sslEnabled: type: boolean sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - host - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Redis (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/redis/{connectionId}/rotate-credentials: post: operationId: rotateRedisAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Redis Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Redis Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - redis method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 sslEnabled: type: boolean sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - host - port - username - sslEnabled - sslRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Redis (Username and Password) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/mongodb: get: operationId: listMongoDbAppConnections tags: - App Connections description: List the MongoDB Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list MongoDB Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mongodb method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 database: type: string minLength: 1 tlsEnabled: type: boolean tlsRejectUnauthorized: type: boolean tlsCertificate: type: string required: - host - port - username - database - tlsEnabled - tlsRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createMongoDbAppConnection tags: - App Connections description: Create a MongoDB Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - username-and-password description: The method used to authenticate with MongoDB. credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 password: type: string minLength: 1 database: type: string minLength: 1 tlsRejectUnauthorized: type: boolean tlsEnabled: type: boolean tlsCertificate: type: string required: - host - port - username - password - database - tlsRejectUnauthorized - tlsEnabled additionalProperties: false description: The credentials used to connect with MongoDB. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the MongoDB Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the MongoDB Connection. projectId: type: string description: The ID of the project to create the MongoDB Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for MongoDB Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for MongoDB Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for MongoDB Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for MongoDB Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for MongoDB Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mongodb method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 database: type: string minLength: 1 tlsEnabled: type: boolean tlsRejectUnauthorized: type: boolean tlsCertificate: type: string required: - host - port - username - database - tlsEnabled - tlsRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/mongodb/available: get: operationId: listMongoDbAvailableAppConnections tags: - App Connections description: List the MongoDB Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list MongoDB Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - mongodb name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/mongodb/{connectionId}: get: operationId: getMongoDbAppConnection tags: - App Connections description: Get the specified MongoDB Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the MongoDB Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mongodb method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 database: type: string minLength: 1 tlsEnabled: type: boolean tlsRejectUnauthorized: type: boolean tlsCertificate: type: string required: - host - port - username - database - tlsEnabled - tlsRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateMongoDbAppConnection tags: - App Connections description: Update the specified MongoDB Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 password: type: string minLength: 1 database: type: string minLength: 1 tlsRejectUnauthorized: type: boolean tlsEnabled: type: boolean tlsCertificate: type: string required: - host - port - username - password - database - tlsRejectUnauthorized - tlsEnabled additionalProperties: false description: The credentials used to connect with MongoDB. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the MongoDB Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the MongoDB Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for MongoDB Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for MongoDB Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for MongoDB Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for MongoDB Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for MongoDB Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the MongoDB Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mongodb method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 database: type: string minLength: 1 tlsEnabled: type: boolean tlsRejectUnauthorized: type: boolean tlsCertificate: type: string required: - host - port - username - database - tlsEnabled - tlsRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteMongoDbAppConnection tags: - App Connections description: Delete the specified MongoDB Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the MongoDB Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mongodb method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 database: type: string minLength: 1 tlsEnabled: type: boolean tlsRejectUnauthorized: type: boolean tlsCertificate: type: string required: - host - port - username - database - tlsEnabled - tlsRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/mongodb/connection-name/{connectionName}: get: operationId: getMongoDbAppConnectionByName tags: - App Connections description: Get the specified MongoDB Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the MongoDB Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the MongoDB Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mongodb method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 database: type: string minLength: 1 tlsEnabled: type: boolean tlsRejectUnauthorized: type: boolean tlsCertificate: type: string required: - host - port - username - database - tlsEnabled - tlsRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/mongodb/{connectionId}/rotate-credentials: post: operationId: rotateMongoDbAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified MongoDB Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the MongoDB Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - mongodb method: type: string enum: - username-and-password credentials: type: object properties: host: type: string minLength: 1 port: type: number username: type: string minLength: 1 database: type: string minLength: 1 tlsEnabled: type: boolean tlsRejectUnauthorized: type: boolean tlsCertificate: type: string required: - host - port - username - database - tlsEnabled - tlsRejectUnauthorized additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/chef: get: operationId: listChefAppConnections tags: - App Connections description: List the Chef Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Chef Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - chef method: type: string enum: - user-key credentials: type: object properties: serverUrl: type: string format: uri description: The URL of the Chef server to connect to. orgName: type: string minLength: 1 maxLength: 256 description: The short name of the Chef organization to connect to. userName: type: string minLength: 1 maxLength: 256 description: The username used to access Chef. required: - orgName - userName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Chef (User Key) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createChefAppConnection tags: - App Connections description: Create a Chef Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - user-key description: The method used to authenticate with Chef. credentials: type: object properties: serverUrl: type: string format: uri description: The URL of the Chef server to connect to. orgName: type: string minLength: 1 maxLength: 256 description: The short name of the Chef organization to connect to. userName: type: string minLength: 1 maxLength: 256 description: The username used to access Chef. privateKey: type: string minLength: 1 maxLength: 16384 description: The private key used to access Chef. required: - orgName - userName - privateKey additionalProperties: false description: The credentials used to connect with Chef. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Chef Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Chef Connection. projectId: type: string description: The ID of the project to create the Chef Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Chef Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Chef Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Chef Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Chef Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Chef Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - chef method: type: string enum: - user-key credentials: type: object properties: serverUrl: type: string format: uri description: The URL of the Chef server to connect to. orgName: type: string minLength: 1 maxLength: 256 description: The short name of the Chef organization to connect to. userName: type: string minLength: 1 maxLength: 256 description: The username used to access Chef. required: - orgName - userName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Chef (User Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/chef/available: get: operationId: listChefAvailableAppConnections tags: - App Connections description: List the Chef Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Chef Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - chef name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/chef/{connectionId}: get: operationId: getChefAppConnection tags: - App Connections description: Get the specified Chef Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Chef Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - chef method: type: string enum: - user-key credentials: type: object properties: serverUrl: type: string format: uri description: The URL of the Chef server to connect to. orgName: type: string minLength: 1 maxLength: 256 description: The short name of the Chef organization to connect to. userName: type: string minLength: 1 maxLength: 256 description: The username used to access Chef. required: - orgName - userName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Chef (User Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateChefAppConnection tags: - App Connections description: Update the specified Chef Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: serverUrl: type: string format: uri description: The URL of the Chef server to connect to. orgName: type: string minLength: 1 maxLength: 256 description: The short name of the Chef organization to connect to. userName: type: string minLength: 1 maxLength: 256 description: The username used to access Chef. privateKey: type: string minLength: 1 maxLength: 16384 description: The private key used to access Chef. required: - orgName - userName - privateKey additionalProperties: false description: The credentials used to connect with Chef. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Chef Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Chef Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Chef Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Chef Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Chef Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Chef Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Chef Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Chef Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - chef method: type: string enum: - user-key credentials: type: object properties: serverUrl: type: string format: uri description: The URL of the Chef server to connect to. orgName: type: string minLength: 1 maxLength: 256 description: The short name of the Chef organization to connect to. userName: type: string minLength: 1 maxLength: 256 description: The username used to access Chef. required: - orgName - userName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Chef (User Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteChefAppConnection tags: - App Connections description: Delete the specified Chef Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Chef Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - chef method: type: string enum: - user-key credentials: type: object properties: serverUrl: type: string format: uri description: The URL of the Chef server to connect to. orgName: type: string minLength: 1 maxLength: 256 description: The short name of the Chef organization to connect to. userName: type: string minLength: 1 maxLength: 256 description: The username used to access Chef. required: - orgName - userName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Chef (User Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/chef/connection-name/{connectionName}: get: operationId: getChefAppConnectionByName tags: - App Connections description: Get the specified Chef Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Chef Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Chef Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - chef method: type: string enum: - user-key credentials: type: object properties: serverUrl: type: string format: uri description: The URL of the Chef server to connect to. orgName: type: string minLength: 1 maxLength: 256 description: The short name of the Chef organization to connect to. userName: type: string minLength: 1 maxLength: 256 description: The username used to access Chef. required: - orgName - userName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Chef (User Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/chef/{connectionId}/rotate-credentials: post: operationId: rotateChefAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Chef Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Chef Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - chef method: type: string enum: - user-key credentials: type: object properties: serverUrl: type: string format: uri description: The URL of the Chef server to connect to. orgName: type: string minLength: 1 maxLength: 256 description: The short name of the Chef organization to connect to. userName: type: string minLength: 1 maxLength: 256 description: The username used to access Chef. required: - orgName - userName additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Chef (User Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/octopus-deploy: get: operationId: listOctopusDeployAppConnections tags: - App Connections description: List the Octopus Deploy Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Octopus Deploy Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - octopus-deploy method: type: string enum: - api-key credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The Octopus Deploy instance URL to connect to. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Octopus Deploy (API Key) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createOctopusDeployAppConnection tags: - App Connections description: Create an Octopus Deploy Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-key description: The method used to authenticate with Octopus Deploy. credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The Octopus Deploy instance URL to connect to. apiKey: type: string minLength: 1 description: The API key used to authenticate with Octopus Deploy. required: - instanceUrl - apiKey additionalProperties: false description: The credentials used to connect with Octopus Deploy. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Octopus Deploy Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Octopus Deploy Connection. projectId: type: string description: The ID of the project to create the Octopus Deploy Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Octopus Deploy Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Octopus Deploy Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Octopus Deploy Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Octopus Deploy Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Octopus Deploy Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - octopus-deploy method: type: string enum: - api-key credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The Octopus Deploy instance URL to connect to. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Octopus Deploy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/octopus-deploy/available: get: operationId: listOctopusDeployAvailableAppConnections tags: - App Connections description: List the Octopus Deploy Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Octopus Deploy Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - octopus-deploy name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/octopus-deploy/{connectionId}: get: operationId: getOctopusDeployAppConnection tags: - App Connections description: Get the specified Octopus Deploy Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Octopus Deploy Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - octopus-deploy method: type: string enum: - api-key credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The Octopus Deploy instance URL to connect to. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Octopus Deploy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOctopusDeployAppConnection tags: - App Connections description: Update the specified Octopus Deploy Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The Octopus Deploy instance URL to connect to. apiKey: type: string minLength: 1 description: The API key used to authenticate with Octopus Deploy. required: - instanceUrl - apiKey additionalProperties: false description: The credentials used to connect with Octopus Deploy. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Octopus Deploy Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Octopus Deploy Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Octopus Deploy Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Octopus Deploy Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Octopus Deploy Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Octopus Deploy Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Octopus Deploy Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Octopus Deploy Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - octopus-deploy method: type: string enum: - api-key credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The Octopus Deploy instance URL to connect to. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Octopus Deploy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOctopusDeployAppConnection tags: - App Connections description: Delete the specified Octopus Deploy Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Octopus Deploy Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - octopus-deploy method: type: string enum: - api-key credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The Octopus Deploy instance URL to connect to. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Octopus Deploy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/octopus-deploy/connection-name/{connectionName}: get: operationId: getOctopusDeployAppConnectionByName tags: - App Connections description: Get the specified Octopus Deploy Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Octopus Deploy Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Octopus Deploy Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - octopus-deploy method: type: string enum: - api-key credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The Octopus Deploy instance URL to connect to. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Octopus Deploy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/octopus-deploy/{connectionId}/rotate-credentials: post: operationId: rotateOctopusDeployAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Octopus Deploy Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Octopus Deploy Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - octopus-deploy method: type: string enum: - api-key credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 255 description: The Octopus Deploy instance URL to connect to. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Octopus Deploy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ssh: get: operationId: listSshAppConnections tags: - App Connections description: List the SSH Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list SSH Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ssh method: type: string enum: - password credentials: type: object properties: host: type: string port: type: number username: type: string required: - host - port - username additionalProperties: false configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SSH (Password) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ssh method: type: string enum: - ssh-key credentials: type: object properties: host: type: string port: type: number username: type: string required: - host - port - username additionalProperties: false configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SSH (SSH Key) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createSshAppConnection tags: - App Connections description: Create a SSH Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - password description: The method used to authenticate with SSH. credentials: type: object properties: host: type: string minLength: 1 description: The hostname or IP address of the SSH server. port: type: integer minimum: 1 maximum: 65535 description: 'The port number of the SSH server (default: 22).' username: type: string minLength: 1 description: The username for SSH authentication. password: type: string minLength: 1 description: The password for SSH authentication (required when authMethod is 'password'). required: - host - port - username - password additionalProperties: false description: The credentials used to connect with SSH. configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - method - credentials additionalProperties: false - type: object properties: method: type: string enum: - ssh-key description: The method used to authenticate with SSH. credentials: type: object properties: host: type: string minLength: 1 description: The hostname or IP address of the SSH server. port: type: integer minimum: 1 maximum: 65535 description: 'The port number of the SSH server (default: 22).' username: type: string minLength: 1 description: The username for SSH authentication. privateKey: type: string minLength: 1 description: The private key in PEM format for SSH authentication (required when authMethod is 'ssh-key'). passphrase: type: string description: The passphrase for the private key, if encrypted (optional, only for 'ssh-key' authMethod). required: - host - port - username - privateKey additionalProperties: false description: The credentials used to connect with SSH. configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the SSH Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the SSH Connection. projectId: type: string description: The ID of the project to create the SSH Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for SSH Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for SSH Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for SSH Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ssh method: type: string enum: - password credentials: type: object properties: host: type: string port: type: number username: type: string required: - host - port - username additionalProperties: false configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SSH (Password) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ssh method: type: string enum: - ssh-key credentials: type: object properties: host: type: string port: type: number username: type: string required: - host - port - username additionalProperties: false configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SSH (SSH Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ssh/available: get: operationId: listSshAvailableAppConnections tags: - App Connections description: List the SSH Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list SSH Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ssh/{connectionId}: get: operationId: getSshAppConnection tags: - App Connections description: Get the specified SSH Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the SSH Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ssh method: type: string enum: - password credentials: type: object properties: host: type: string port: type: number username: type: string required: - host - port - username additionalProperties: false configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SSH (Password) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ssh method: type: string enum: - ssh-key credentials: type: object properties: host: type: string port: type: number username: type: string required: - host - port - username additionalProperties: false configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SSH (SSH Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateSshAppConnection tags: - App Connections description: Update the specified SSH Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: anyOf: - type: object properties: host: type: string minLength: 1 description: The hostname or IP address of the SSH server. port: type: integer minimum: 1 maximum: 65535 description: 'The port number of the SSH server (default: 22).' username: type: string minLength: 1 description: The username for SSH authentication. password: type: string minLength: 1 description: The password for SSH authentication (required when authMethod is 'password'). required: - host - port - username - password additionalProperties: false - type: object properties: host: type: string minLength: 1 description: The hostname or IP address of the SSH server. port: type: integer minimum: 1 maximum: 65535 description: 'The port number of the SSH server (default: 22).' username: type: string minLength: 1 description: The username for SSH authentication. privateKey: type: string minLength: 1 description: The private key in PEM format for SSH authentication (required when authMethod is 'ssh-key'). passphrase: type: string description: The passphrase for the private key, if encrypted (optional, only for 'ssh-key' authMethod). required: - host - port - username - privateKey additionalProperties: false description: The credentials used to connect with SSH. configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the SSH Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the SSH Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for SSH Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for SSH Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for SSH Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the SSH Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ssh method: type: string enum: - password credentials: type: object properties: host: type: string port: type: number username: type: string required: - host - port - username additionalProperties: false configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SSH (Password) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ssh method: type: string enum: - ssh-key credentials: type: object properties: host: type: string port: type: number username: type: string required: - host - port - username additionalProperties: false configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SSH (SSH Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteSshAppConnection tags: - App Connections description: Delete the specified SSH Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the SSH Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ssh method: type: string enum: - password credentials: type: object properties: host: type: string port: type: number username: type: string required: - host - port - username additionalProperties: false configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SSH (Password) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ssh method: type: string enum: - ssh-key credentials: type: object properties: host: type: string port: type: number username: type: string required: - host - port - username additionalProperties: false configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SSH (SSH Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ssh/connection-name/{connectionName}: get: operationId: getSshAppConnectionByName tags: - App Connections description: Get the specified SSH Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the SSH Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the SSH Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ssh method: type: string enum: - password credentials: type: object properties: host: type: string port: type: number username: type: string required: - host - port - username additionalProperties: false configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SSH (Password) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ssh method: type: string enum: - ssh-key credentials: type: object properties: host: type: string port: type: number username: type: string required: - host - port - username additionalProperties: false configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SSH (SSH Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ssh/{connectionId}/rotate-credentials: post: operationId: rotateSshAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified SSH Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the SSH Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ssh method: type: string enum: - password credentials: type: object properties: host: type: string port: type: number username: type: string required: - host - port - username additionalProperties: false configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SSH (Password) - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ssh method: type: string enum: - ssh-key credentials: type: object properties: host: type: string port: type: number username: type: string required: - host - port - username additionalProperties: false configuration: type: object properties: blockedUsers: type: string description: A comma-separated list of usernames that are blocked from being used in operations like secret rotation (e.g., 'root,admin,ubuntu'). additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SSH (SSH Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/dbt: get: operationId: listDbtAppConnections tags: - App Connections description: List the DBT Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list DBT Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - dbt method: type: string enum: - api-token description: The method used to authenticate with DBT. credentials: type: object properties: instanceUrl: type: string minLength: 1 format: uri description: The base URL of your DBT instance. accountId: type: string minLength: 1 maxLength: 255 description: The account ID of your DBT account. required: - instanceUrl - accountId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DBT (API Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createDbtAppConnection tags: - App Connections description: Create a DBT Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-token description: The method used to authenticate with DBT. credentials: type: object properties: apiToken: type: string minLength: 1 maxLength: 255 description: The API token used to authenticate with DBT. instanceUrl: type: string minLength: 1 format: uri description: The base URL of your DBT instance. accountId: type: string minLength: 1 maxLength: 255 description: The account ID of your DBT account. required: - apiToken - instanceUrl - accountId additionalProperties: false description: The credentials used to connect with DBT. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the DBT Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the DBT Connection. projectId: type: string description: The ID of the project to create the DBT Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for DBT Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DBT Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DBT Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for DBT Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DBT Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - dbt method: type: string enum: - api-token description: The method used to authenticate with DBT. credentials: type: object properties: instanceUrl: type: string minLength: 1 format: uri description: The base URL of your DBT instance. accountId: type: string minLength: 1 maxLength: 255 description: The account ID of your DBT account. required: - instanceUrl - accountId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DBT (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/dbt/available: get: operationId: listDbtAvailableAppConnections tags: - App Connections description: List the DBT Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list DBT Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - dbt name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/dbt/{connectionId}: get: operationId: getDbtAppConnection tags: - App Connections description: Get the specified DBT Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the DBT Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - dbt method: type: string enum: - api-token description: The method used to authenticate with DBT. credentials: type: object properties: instanceUrl: type: string minLength: 1 format: uri description: The base URL of your DBT instance. accountId: type: string minLength: 1 maxLength: 255 description: The account ID of your DBT account. required: - instanceUrl - accountId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DBT (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateDbtAppConnection tags: - App Connections description: Update the specified DBT Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiToken: type: string minLength: 1 maxLength: 255 description: The API token used to authenticate with DBT. instanceUrl: type: string minLength: 1 format: uri description: The base URL of your DBT instance. accountId: type: string minLength: 1 maxLength: 255 description: The account ID of your DBT account. required: - apiToken - instanceUrl - accountId additionalProperties: false description: The credentials used to connect with DBT. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the DBT Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the DBT Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for DBT Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DBT Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DBT Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for DBT Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DBT Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the DBT Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - dbt method: type: string enum: - api-token description: The method used to authenticate with DBT. credentials: type: object properties: instanceUrl: type: string minLength: 1 format: uri description: The base URL of your DBT instance. accountId: type: string minLength: 1 maxLength: 255 description: The account ID of your DBT account. required: - instanceUrl - accountId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DBT (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteDbtAppConnection tags: - App Connections description: Delete the specified DBT Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the DBT Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - dbt method: type: string enum: - api-token description: The method used to authenticate with DBT. credentials: type: object properties: instanceUrl: type: string minLength: 1 format: uri description: The base URL of your DBT instance. accountId: type: string minLength: 1 maxLength: 255 description: The account ID of your DBT account. required: - instanceUrl - accountId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DBT (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/dbt/connection-name/{connectionName}: get: operationId: getDbtAppConnectionByName tags: - App Connections description: Get the specified DBT Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the DBT Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the DBT Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - dbt method: type: string enum: - api-token description: The method used to authenticate with DBT. credentials: type: object properties: instanceUrl: type: string minLength: 1 format: uri description: The base URL of your DBT instance. accountId: type: string minLength: 1 maxLength: 255 description: The account ID of your DBT account. required: - instanceUrl - accountId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DBT (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/dbt/{connectionId}/rotate-credentials: post: operationId: rotateDbtAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified DBT Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the DBT Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - dbt method: type: string enum: - api-token description: The method used to authenticate with DBT. credentials: type: object properties: instanceUrl: type: string minLength: 1 format: uri description: The base URL of your DBT instance. accountId: type: string minLength: 1 maxLength: 255 description: The account ID of your DBT account. required: - instanceUrl - accountId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DBT (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/smb: get: operationId: listSmbAppConnections tags: - App Connections description: List the SMB Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list SMB Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - smb method: type: string enum: - credentials credentials: type: object properties: host: type: string port: type: number domain: type: string username: type: string required: - host - port - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SMB required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createSmbAppConnection tags: - App Connections description: Create a SMB Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: method: type: string enum: - credentials description: The method used to authenticate with SMB. credentials: type: object properties: host: type: string minLength: 1 maxLength: 253 description: The hostname or IP address of the Windows server. port: type: integer minimum: 1 maximum: 65535 description: The SMB port (defaults to 445). domain: type: string maxLength: 255 description: The Windows domain name (optional). username: type: string minLength: 1 maxLength: 104 description: The username for SMB authentication. password: type: string minLength: 1 description: The password for SMB authentication. required: - host - port - username - password additionalProperties: false description: The credentials used to connect with SMB. required: - method - credentials - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the SMB Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the SMB Connection. projectId: type: string description: The ID of the project to create the SMB Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for SMB Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for SMB Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for SMB Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - smb method: type: string enum: - credentials credentials: type: object properties: host: type: string port: type: number domain: type: string username: type: string required: - host - port - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SMB required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/smb/available: get: operationId: listSmbAvailableAppConnections tags: - App Connections description: List the SMB Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list SMB Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - smb name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/smb/{connectionId}: get: operationId: getSmbAppConnection tags: - App Connections description: Get the specified SMB Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the SMB Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - smb method: type: string enum: - credentials credentials: type: object properties: host: type: string port: type: number domain: type: string username: type: string required: - host - port - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SMB required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateSmbAppConnection tags: - App Connections description: Update the specified SMB Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: host: type: string minLength: 1 maxLength: 253 description: The hostname or IP address of the Windows server. port: type: integer minimum: 1 maximum: 65535 description: The SMB port (defaults to 445). domain: type: string maxLength: 255 description: The Windows domain name (optional). username: type: string minLength: 1 maxLength: 104 description: The username for SMB authentication. password: type: string minLength: 1 description: The password for SMB authentication. required: - host - port - username - password additionalProperties: false description: The credentials used to connect with SMB. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the SMB Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the SMB Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for SMB Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for SMB Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for SMB Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the SMB Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - smb method: type: string enum: - credentials credentials: type: object properties: host: type: string port: type: number domain: type: string username: type: string required: - host - port - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SMB required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteSmbAppConnection tags: - App Connections description: Delete the specified SMB Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the SMB Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - smb method: type: string enum: - credentials credentials: type: object properties: host: type: string port: type: number domain: type: string username: type: string required: - host - port - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SMB required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/smb/connection-name/{connectionName}: get: operationId: getSmbAppConnectionByName tags: - App Connections description: Get the specified SMB Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the SMB Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the SMB Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - smb method: type: string enum: - credentials credentials: type: object properties: host: type: string port: type: number domain: type: string username: type: string required: - host - port - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SMB required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/smb/{connectionId}/rotate-credentials: post: operationId: rotateSmbAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified SMB Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the SMB Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - smb method: type: string enum: - credentials credentials: type: object properties: host: type: string port: type: number domain: type: string username: type: string required: - host - port - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: SMB required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/open-router: get: operationId: listOpenRouterAppConnections tags: - App Connections description: List the OpenRouter Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list OpenRouter Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - open-router method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OpenRouter (API Key) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createOpenRouterAppConnection tags: - App Connections description: Create an OpenRouter Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-key description: The method used to authenticate with OpenRouter. credentials: type: object properties: apiKey: type: string minLength: 1 description: The OpenRouter Provisioning API key used to manage API keys. required: - apiKey additionalProperties: false description: The credentials used to connect with OpenRouter. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the OpenRouter Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the OpenRouter Connection. projectId: type: string description: The ID of the project to create the OpenRouter Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for OpenRouter Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OpenRouter Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OpenRouter Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for OpenRouter Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OpenRouter Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - open-router method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OpenRouter (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/open-router/available: get: operationId: listOpenRouterAvailableAppConnections tags: - App Connections description: List the OpenRouter Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list OpenRouter Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - open-router name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/open-router/{connectionId}: get: operationId: getOpenRouterAppConnection tags: - App Connections description: Get the specified OpenRouter Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the OpenRouter Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - open-router method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OpenRouter (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOpenRouterAppConnection tags: - App Connections description: Update the specified OpenRouter Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiKey: type: string minLength: 1 description: The OpenRouter Provisioning API key used to manage API keys. required: - apiKey additionalProperties: false description: The credentials used to connect with OpenRouter. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the OpenRouter Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the OpenRouter Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for OpenRouter Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OpenRouter Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OpenRouter Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for OpenRouter Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OpenRouter Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the OpenRouter Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - open-router method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OpenRouter (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOpenRouterAppConnection tags: - App Connections description: Delete the specified OpenRouter Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the OpenRouter Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - open-router method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OpenRouter (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/open-router/connection-name/{connectionName}: get: operationId: getOpenRouterAppConnectionByName tags: - App Connections description: Get the specified OpenRouter Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the OpenRouter Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the OpenRouter Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - open-router method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OpenRouter (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/open-router/{connectionId}/rotate-credentials: post: operationId: rotateOpenRouterAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified OpenRouter Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the OpenRouter Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - open-router method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OpenRouter (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/circleci: get: operationId: listCircleciAppConnections tags: - App Connections description: List the CircleCI Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list CircleCI Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - circleci method: type: string enum: - api-token credentials: type: object properties: host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: CircleCI (Personal Access Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createCircleciAppConnection tags: - App Connections description: Create a CircleCI Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-token description: The method used to authenticate with CircleCI. credentials: type: object properties: apiToken: type: string minLength: 1 host: type: string required: - apiToken additionalProperties: false description: The credentials used to connect with CircleCI. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the CircleCI Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the CircleCI Connection. projectId: type: string description: The ID of the project to create the CircleCI Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for CircleCI Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for CircleCI Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for CircleCI Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for CircleCI Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for CircleCI Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - circleci method: type: string enum: - api-token credentials: type: object properties: host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: CircleCI (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/circleci/available: get: operationId: listCircleciAvailableAppConnections tags: - App Connections description: List the CircleCI Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list CircleCI Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - circleci name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/circleci/{connectionId}: get: operationId: getCircleciAppConnection tags: - App Connections description: Get the specified CircleCI Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the CircleCI Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - circleci method: type: string enum: - api-token credentials: type: object properties: host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: CircleCI (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateCircleciAppConnection tags: - App Connections description: Update the specified CircleCI Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiToken: type: string minLength: 1 host: type: string required: - apiToken additionalProperties: false description: The credentials used to connect with CircleCI. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the CircleCI Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the CircleCI Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for CircleCI Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for CircleCI Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for CircleCI Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for CircleCI Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for CircleCI Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the CircleCI Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - circleci method: type: string enum: - api-token credentials: type: object properties: host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: CircleCI (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteCircleciAppConnection tags: - App Connections description: Delete the specified CircleCI Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the CircleCI Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - circleci method: type: string enum: - api-token credentials: type: object properties: host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: CircleCI (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/circleci/connection-name/{connectionName}: get: operationId: getCircleciAppConnectionByName tags: - App Connections description: Get the specified CircleCI Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the CircleCI Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the CircleCI Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - circleci method: type: string enum: - api-token credentials: type: object properties: host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: CircleCI (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/circleci/{connectionId}/rotate-credentials: post: operationId: rotateCircleciAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified CircleCI Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the CircleCI Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - circleci method: type: string enum: - api-token credentials: type: object properties: host: type: string additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: CircleCI (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-entra-id: get: operationId: listAzureEntraIdAppConnections tags: - App Connections description: List the Azure Entra ID Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Azure Entra ID Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-entra-id method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Entra ID (Client Secret) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAzureEntraIdAppConnection tags: - App Connections description: Create an Azure Entra ID Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - client-secret description: The method used to authenticate with Azure Entra ID. credentials: type: object properties: clientId: type: string format: uuid minLength: 1 maxLength: 50 clientSecret: type: string minLength: 1 tenantId: type: string format: uuid minLength: 1 required: - clientId - clientSecret - tenantId additionalProperties: false description: The credentials used to connect with Azure Entra ID. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Azure Entra ID Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Azure Entra ID Connection. projectId: type: string description: The ID of the project to create the Azure Entra ID Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Azure Entra ID Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure Entra ID Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure Entra ID Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Azure Entra ID Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure Entra ID Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-entra-id method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Entra ID (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-entra-id/available: get: operationId: listAzureEntraIdAvailableAppConnections tags: - App Connections description: List the Azure Entra ID Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Azure Entra ID Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - azure-entra-id name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-entra-id/{connectionId}: get: operationId: getAzureEntraIdAppConnection tags: - App Connections description: Get the specified Azure Entra ID Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure Entra ID Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-entra-id method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Entra ID (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAzureEntraIdAppConnection tags: - App Connections description: Update the specified Azure Entra ID Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: clientId: type: string format: uuid minLength: 1 maxLength: 50 clientSecret: type: string minLength: 1 tenantId: type: string format: uuid minLength: 1 required: - clientId - clientSecret - tenantId additionalProperties: false description: The credentials used to connect with Azure Entra ID. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Azure Entra ID Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Azure Entra ID Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Azure Entra ID Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure Entra ID Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure Entra ID Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Azure Entra ID Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Azure Entra ID Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure Entra ID Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-entra-id method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Entra ID (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAzureEntraIdAppConnection tags: - App Connections description: Delete the specified Azure Entra ID Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure Entra ID Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-entra-id method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Entra ID (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-entra-id/connection-name/{connectionName}: get: operationId: getAzureEntraIdAppConnectionByName tags: - App Connections description: Get the specified Azure Entra ID Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Azure Entra ID Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Azure Entra ID Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-entra-id method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Entra ID (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/azure-entra-id/{connectionId}/rotate-credentials: post: operationId: rotateAzureEntraIdAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Azure Entra ID Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Azure Entra ID Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - azure-entra-id method: type: string enum: - client-secret credentials: type: object properties: clientId: type: string tenantId: type: string required: - clientId - tenantId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Azure Entra ID (Client Secret) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/venafi: get: operationId: listVenafiAppConnections tags: - App Connections description: List the Venafi TLS Protect Cloud Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Venafi TLS Protect Cloud Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - venafi method: type: string enum: - api-key credentials: type: object properties: region: type: string enum: - us - eu - au - uk - sg - ca description: The region of the Venafi TLS Protect Cloud instance required: - region additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Venafi TLS Protect Cloud (API Key) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createVenafiAppConnection tags: - App Connections description: Create a Venafi TLS Protect Cloud Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-key description: The method used to authenticate with Venafi TLS Protect Cloud. credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 256 region: type: string enum: - us - eu - au - uk - sg - ca description: The region of the Venafi TLS Protect Cloud instance required: - apiKey - region additionalProperties: false description: The credentials used to connect with Venafi TLS Protect Cloud. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Venafi TLS Protect Cloud Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Venafi TLS Protect Cloud Connection. projectId: type: string description: The ID of the project to create the Venafi TLS Protect Cloud Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Venafi TLS Protect Cloud Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Venafi TLS Protect Cloud Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Venafi TLS Protect Cloud Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Venafi TLS Protect Cloud Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Venafi TLS Protect Cloud Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - venafi method: type: string enum: - api-key credentials: type: object properties: region: type: string enum: - us - eu - au - uk - sg - ca description: The region of the Venafi TLS Protect Cloud instance required: - region additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Venafi TLS Protect Cloud (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/venafi/available: get: operationId: listVenafiAvailableAppConnections tags: - App Connections description: List the Venafi TLS Protect Cloud Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Venafi TLS Protect Cloud Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - venafi name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/venafi/{connectionId}: get: operationId: getVenafiAppConnection tags: - App Connections description: Get the specified Venafi TLS Protect Cloud Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Venafi TLS Protect Cloud Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - venafi method: type: string enum: - api-key credentials: type: object properties: region: type: string enum: - us - eu - au - uk - sg - ca description: The region of the Venafi TLS Protect Cloud instance required: - region additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Venafi TLS Protect Cloud (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateVenafiAppConnection tags: - App Connections description: Update the specified Venafi TLS Protect Cloud Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 256 region: type: string enum: - us - eu - au - uk - sg - ca description: The region of the Venafi TLS Protect Cloud instance required: - apiKey - region additionalProperties: false description: The credentials used to connect with Venafi TLS Protect Cloud. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Venafi TLS Protect Cloud Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Venafi TLS Protect Cloud Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Venafi TLS Protect Cloud Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Venafi TLS Protect Cloud Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Venafi TLS Protect Cloud Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Venafi TLS Protect Cloud Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Venafi TLS Protect Cloud Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Venafi TLS Protect Cloud Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - venafi method: type: string enum: - api-key credentials: type: object properties: region: type: string enum: - us - eu - au - uk - sg - ca description: The region of the Venafi TLS Protect Cloud instance required: - region additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Venafi TLS Protect Cloud (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteVenafiAppConnection tags: - App Connections description: Delete the specified Venafi TLS Protect Cloud Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Venafi TLS Protect Cloud Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - venafi method: type: string enum: - api-key credentials: type: object properties: region: type: string enum: - us - eu - au - uk - sg - ca description: The region of the Venafi TLS Protect Cloud instance required: - region additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Venafi TLS Protect Cloud (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/venafi/connection-name/{connectionName}: get: operationId: getVenafiAppConnectionByName tags: - App Connections description: Get the specified Venafi TLS Protect Cloud Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Venafi TLS Protect Cloud Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Venafi TLS Protect Cloud Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - venafi method: type: string enum: - api-key credentials: type: object properties: region: type: string enum: - us - eu - au - uk - sg - ca description: The region of the Venafi TLS Protect Cloud instance required: - region additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Venafi TLS Protect Cloud (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/venafi/{connectionId}/rotate-credentials: post: operationId: rotateVenafiAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Venafi TLS Protect Cloud Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Venafi TLS Protect Cloud Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - venafi method: type: string enum: - api-key credentials: type: object properties: region: type: string enum: - us - eu - au - uk - sg - ca description: The region of the Venafi TLS Protect Cloud instance required: - region additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Venafi TLS Protect Cloud (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/venafi-tpp: get: operationId: listVenafiTppAppConnections tags: - App Connections description: List the Venafi TPP Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Venafi TPP Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - venafi-tpp method: type: string enum: - oauth credentials: type: object properties: tppUrl: type: string minLength: 1 maxLength: 512 description: The HTTPS URL of the Venafi TPP instance (e.g., 'https://tpp.example.com'). Must use HTTPS. clientId: type: string minLength: 1 maxLength: 255 description: The OAuth client ID registered in the Venafi TPP API Integration. Used for token-based authentication. username: type: string minLength: 1 maxLength: 255 description: 'The username used to authenticate with Venafi TPP. Supports formats: ''DOMAIN\\username'', ''username@domain.com'', or local usernames.' required: - tppUrl - clientId - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Venafi TPP (OAuth) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createVenafiTppAppConnection tags: - App Connections description: Create a Venafi TPP Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - oauth description: The method used to authenticate with Venafi TPP. credentials: type: object properties: tppUrl: type: string minLength: 1 maxLength: 512 description: The HTTPS URL of the Venafi TPP instance (e.g., 'https://tpp.example.com'). Must use HTTPS. clientId: type: string minLength: 1 maxLength: 255 description: The OAuth client ID registered in the Venafi TPP API Integration. Used for token-based authentication. username: type: string minLength: 1 maxLength: 255 description: 'The username used to authenticate with Venafi TPP. Supports formats: ''DOMAIN\\username'', ''username@domain.com'', or local usernames.' password: type: string minLength: 1 maxLength: 255 description: The password used to authenticate with Venafi TPP. required: - tppUrl - clientId - username - password additionalProperties: false description: The credentials used to connect with Venafi TPP. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Venafi TPP Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Venafi TPP Connection. projectId: type: string description: The ID of the project to create the Venafi TPP Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Venafi TPP Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Venafi TPP Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Venafi TPP Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - venafi-tpp method: type: string enum: - oauth credentials: type: object properties: tppUrl: type: string minLength: 1 maxLength: 512 description: The HTTPS URL of the Venafi TPP instance (e.g., 'https://tpp.example.com'). Must use HTTPS. clientId: type: string minLength: 1 maxLength: 255 description: The OAuth client ID registered in the Venafi TPP API Integration. Used for token-based authentication. username: type: string minLength: 1 maxLength: 255 description: 'The username used to authenticate with Venafi TPP. Supports formats: ''DOMAIN\\username'', ''username@domain.com'', or local usernames.' required: - tppUrl - clientId - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Venafi TPP (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/venafi-tpp/available: get: operationId: listVenafiTppAvailableAppConnections tags: - App Connections description: List the Venafi TPP Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Venafi TPP Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - venafi-tpp name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/venafi-tpp/{connectionId}: get: operationId: getVenafiTppAppConnection tags: - App Connections description: Get the specified Venafi TPP Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Venafi TPP Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - venafi-tpp method: type: string enum: - oauth credentials: type: object properties: tppUrl: type: string minLength: 1 maxLength: 512 description: The HTTPS URL of the Venafi TPP instance (e.g., 'https://tpp.example.com'). Must use HTTPS. clientId: type: string minLength: 1 maxLength: 255 description: The OAuth client ID registered in the Venafi TPP API Integration. Used for token-based authentication. username: type: string minLength: 1 maxLength: 255 description: 'The username used to authenticate with Venafi TPP. Supports formats: ''DOMAIN\\username'', ''username@domain.com'', or local usernames.' required: - tppUrl - clientId - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Venafi TPP (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateVenafiTppAppConnection tags: - App Connections description: Update the specified Venafi TPP Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: tppUrl: type: string minLength: 1 maxLength: 512 description: The HTTPS URL of the Venafi TPP instance (e.g., 'https://tpp.example.com'). Must use HTTPS. clientId: type: string minLength: 1 maxLength: 255 description: The OAuth client ID registered in the Venafi TPP API Integration. Used for token-based authentication. username: type: string minLength: 1 maxLength: 255 description: 'The username used to authenticate with Venafi TPP. Supports formats: ''DOMAIN\\username'', ''username@domain.com'', or local usernames.' password: type: string minLength: 1 maxLength: 255 description: The password used to authenticate with Venafi TPP. required: - tppUrl - clientId - username - password additionalProperties: false description: The credentials used to connect with Venafi TPP. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Venafi TPP Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Venafi TPP Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Venafi TPP Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Venafi TPP Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Venafi TPP Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Venafi TPP Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - venafi-tpp method: type: string enum: - oauth credentials: type: object properties: tppUrl: type: string minLength: 1 maxLength: 512 description: The HTTPS URL of the Venafi TPP instance (e.g., 'https://tpp.example.com'). Must use HTTPS. clientId: type: string minLength: 1 maxLength: 255 description: The OAuth client ID registered in the Venafi TPP API Integration. Used for token-based authentication. username: type: string minLength: 1 maxLength: 255 description: 'The username used to authenticate with Venafi TPP. Supports formats: ''DOMAIN\\username'', ''username@domain.com'', or local usernames.' required: - tppUrl - clientId - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Venafi TPP (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteVenafiTppAppConnection tags: - App Connections description: Delete the specified Venafi TPP Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Venafi TPP Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - venafi-tpp method: type: string enum: - oauth credentials: type: object properties: tppUrl: type: string minLength: 1 maxLength: 512 description: The HTTPS URL of the Venafi TPP instance (e.g., 'https://tpp.example.com'). Must use HTTPS. clientId: type: string minLength: 1 maxLength: 255 description: The OAuth client ID registered in the Venafi TPP API Integration. Used for token-based authentication. username: type: string minLength: 1 maxLength: 255 description: 'The username used to authenticate with Venafi TPP. Supports formats: ''DOMAIN\\username'', ''username@domain.com'', or local usernames.' required: - tppUrl - clientId - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Venafi TPP (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/venafi-tpp/connection-name/{connectionName}: get: operationId: getVenafiTppAppConnectionByName tags: - App Connections description: Get the specified Venafi TPP Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Venafi TPP Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Venafi TPP Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - venafi-tpp method: type: string enum: - oauth credentials: type: object properties: tppUrl: type: string minLength: 1 maxLength: 512 description: The HTTPS URL of the Venafi TPP instance (e.g., 'https://tpp.example.com'). Must use HTTPS. clientId: type: string minLength: 1 maxLength: 255 description: The OAuth client ID registered in the Venafi TPP API Integration. Used for token-based authentication. username: type: string minLength: 1 maxLength: 255 description: 'The username used to authenticate with Venafi TPP. Supports formats: ''DOMAIN\\username'', ''username@domain.com'', or local usernames.' required: - tppUrl - clientId - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Venafi TPP (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/venafi-tpp/{connectionId}/rotate-credentials: post: operationId: rotateVenafiTppAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Venafi TPP Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Venafi TPP Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - venafi-tpp method: type: string enum: - oauth credentials: type: object properties: tppUrl: type: string minLength: 1 maxLength: 512 description: The HTTPS URL of the Venafi TPP instance (e.g., 'https://tpp.example.com'). Must use HTTPS. clientId: type: string minLength: 1 maxLength: 255 description: The OAuth client ID registered in the Venafi TPP API Integration. Used for token-based authentication. username: type: string minLength: 1 maxLength: 255 description: 'The username used to authenticate with Venafi TPP. Supports formats: ''DOMAIN\\username'', ''username@domain.com'', or local usernames.' required: - tppUrl - clientId - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Venafi TPP (OAuth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/external-infisical: get: operationId: listExternalInfisicalAppConnections tags: - App Connections description: List the Infisical Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Infisical Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - external-infisical method: type: string enum: - machine-identity-universal-auth credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 512 machineIdentityClientId: type: string format: uuid minLength: 1 required: - instanceUrl - machineIdentityClientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Infisical (Machine Identity - Universal Auth) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createExternalInfisicalAppConnection tags: - App Connections description: Create an Infisical Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - machine-identity-universal-auth description: The method used to authenticate with Infisical. credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 512 machineIdentityClientId: type: string format: uuid minLength: 1 machineIdentityClientSecret: type: string minLength: 1 maxLength: 512 required: - instanceUrl - machineIdentityClientId - machineIdentityClientSecret additionalProperties: false description: The credentials used to connect with Infisical. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Infisical Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Infisical Connection. projectId: type: string description: The ID of the project to create the Infisical Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Infisical Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Infisical Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Infisical Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Infisical Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Infisical Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - external-infisical method: type: string enum: - machine-identity-universal-auth credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 512 machineIdentityClientId: type: string format: uuid minLength: 1 required: - instanceUrl - machineIdentityClientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Infisical (Machine Identity - Universal Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/external-infisical/available: get: operationId: listExternalInfisicalAvailableAppConnections tags: - App Connections description: List the Infisical Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Infisical Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - external-infisical name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/external-infisical/{connectionId}: get: operationId: getExternalInfisicalAppConnection tags: - App Connections description: Get the specified Infisical Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Infisical Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - external-infisical method: type: string enum: - machine-identity-universal-auth credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 512 machineIdentityClientId: type: string format: uuid minLength: 1 required: - instanceUrl - machineIdentityClientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Infisical (Machine Identity - Universal Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateExternalInfisicalAppConnection tags: - App Connections description: Update the specified Infisical Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 512 machineIdentityClientId: type: string format: uuid minLength: 1 machineIdentityClientSecret: type: string minLength: 1 maxLength: 512 required: - instanceUrl - machineIdentityClientId - machineIdentityClientSecret additionalProperties: false description: The credentials used to connect with Infisical. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Infisical Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Infisical Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Infisical Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Infisical Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Infisical Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Infisical Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Infisical Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Infisical Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - external-infisical method: type: string enum: - machine-identity-universal-auth credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 512 machineIdentityClientId: type: string format: uuid minLength: 1 required: - instanceUrl - machineIdentityClientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Infisical (Machine Identity - Universal Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteExternalInfisicalAppConnection tags: - App Connections description: Delete the specified Infisical Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Infisical Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - external-infisical method: type: string enum: - machine-identity-universal-auth credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 512 machineIdentityClientId: type: string format: uuid minLength: 1 required: - instanceUrl - machineIdentityClientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Infisical (Machine Identity - Universal Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/external-infisical/connection-name/{connectionName}: get: operationId: getExternalInfisicalAppConnectionByName tags: - App Connections description: Get the specified Infisical Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Infisical Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Infisical Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - external-infisical method: type: string enum: - machine-identity-universal-auth credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 512 machineIdentityClientId: type: string format: uuid minLength: 1 required: - instanceUrl - machineIdentityClientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Infisical (Machine Identity - Universal Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/external-infisical/{connectionId}/rotate-credentials: post: operationId: rotateExternalInfisicalAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Infisical Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Infisical Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - external-infisical method: type: string enum: - machine-identity-universal-auth credentials: type: object properties: instanceUrl: type: string format: uri minLength: 1 maxLength: 512 machineIdentityClientId: type: string format: uuid minLength: 1 required: - instanceUrl - machineIdentityClientId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Infisical (Machine Identity - Universal Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/doppler: get: operationId: listDopplerAppConnections tags: - App Connections description: List the Doppler Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Doppler Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - doppler method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Doppler (API Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createDopplerAppConnection tags: - App Connections description: Create a Doppler Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-token description: The method used to authenticate with Doppler. credentials: type: object properties: apiToken: type: string minLength: 1 maxLength: 512 required: - apiToken additionalProperties: false description: The credentials used to connect with Doppler. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Doppler Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Doppler Connection. projectId: type: string description: The ID of the project to create the Doppler Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Doppler Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Doppler Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Doppler Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Doppler Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Doppler Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - doppler method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Doppler (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/doppler/available: get: operationId: listDopplerAvailableAppConnections tags: - App Connections description: List the Doppler Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Doppler Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - doppler name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/doppler/{connectionId}: get: operationId: getDopplerAppConnection tags: - App Connections description: Get the specified Doppler Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Doppler Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - doppler method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Doppler (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateDopplerAppConnection tags: - App Connections description: Update the specified Doppler Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiToken: type: string minLength: 1 maxLength: 512 required: - apiToken additionalProperties: false description: The credentials used to connect with Doppler. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Doppler Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Doppler Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Doppler Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Doppler Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Doppler Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Doppler Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Doppler Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Doppler Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - doppler method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Doppler (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteDopplerAppConnection tags: - App Connections description: Delete the specified Doppler Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Doppler Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - doppler method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Doppler (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/doppler/connection-name/{connectionName}: get: operationId: getDopplerAppConnectionByName tags: - App Connections description: Get the specified Doppler Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Doppler Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Doppler Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - doppler method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Doppler (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/doppler/{connectionId}/rotate-credentials: post: operationId: rotateDopplerAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Doppler Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Doppler Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - doppler method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Doppler (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/netscaler: get: operationId: listNetscalerAppConnections tags: - App Connections description: List the NetScaler Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list NetScaler Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - netscaler method: type: string enum: - basic-auth credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: NetScaler (Basic Auth) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createNetscalerAppConnection tags: - App Connections description: Create a NetScaler Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - basic-auth description: The method used to authenticate with NetScaler. credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 password: type: string minLength: 1 maxLength: 512 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username - password additionalProperties: false description: The credentials used to connect with NetScaler. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the NetScaler Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the NetScaler Connection. projectId: type: string description: The ID of the project to create the NetScaler Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for NetScaler Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for NetScaler Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for NetScaler Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - netscaler method: type: string enum: - basic-auth credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: NetScaler (Basic Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/netscaler/available: get: operationId: listNetscalerAvailableAppConnections tags: - App Connections description: List the NetScaler Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list NetScaler Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - netscaler name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/netscaler/{connectionId}: get: operationId: getNetscalerAppConnection tags: - App Connections description: Get the specified NetScaler Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the NetScaler Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - netscaler method: type: string enum: - basic-auth credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: NetScaler (Basic Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateNetscalerAppConnection tags: - App Connections description: Update the specified NetScaler Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 password: type: string minLength: 1 maxLength: 512 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username - password additionalProperties: false description: The credentials used to connect with NetScaler. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the NetScaler Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the NetScaler Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for NetScaler Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for NetScaler Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for NetScaler Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the NetScaler Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - netscaler method: type: string enum: - basic-auth credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: NetScaler (Basic Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteNetscalerAppConnection tags: - App Connections description: Delete the specified NetScaler Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the NetScaler Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - netscaler method: type: string enum: - basic-auth credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: NetScaler (Basic Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/netscaler/connection-name/{connectionName}: get: operationId: getNetscalerAppConnectionByName tags: - App Connections description: Get the specified NetScaler Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the NetScaler Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the NetScaler Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - netscaler method: type: string enum: - basic-auth credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: NetScaler (Basic Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/netscaler/{connectionId}/rotate-credentials: post: operationId: rotateNetscalerAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified NetScaler Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the NetScaler Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - netscaler method: type: string enum: - basic-auth credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: NetScaler (Basic Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/anthropic: get: operationId: listAnthropicAppConnections tags: - App Connections description: List the Anthropic Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Anthropic Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - anthropic method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Anthropic (API Key) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAnthropicAppConnection tags: - App Connections description: Create an Anthropic Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-key description: The method used to authenticate with Anthropic. credentials: type: object properties: apiKey: type: string minLength: 1 description: The Anthropic API key used to authenticate with the Anthropic API. required: - apiKey additionalProperties: false description: The credentials used to connect with Anthropic. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Anthropic Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Anthropic Connection. projectId: type: string description: The ID of the project to create the Anthropic Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Anthropic Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Anthropic Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Anthropic Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Anthropic Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Anthropic Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - anthropic method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Anthropic (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/anthropic/available: get: operationId: listAnthropicAvailableAppConnections tags: - App Connections description: List the Anthropic Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Anthropic Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - anthropic name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/anthropic/{connectionId}: get: operationId: getAnthropicAppConnection tags: - App Connections description: Get the specified Anthropic Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Anthropic Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - anthropic method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Anthropic (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAnthropicAppConnection tags: - App Connections description: Update the specified Anthropic Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiKey: type: string minLength: 1 description: The Anthropic API key used to authenticate with the Anthropic API. required: - apiKey additionalProperties: false description: The credentials used to connect with Anthropic. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Anthropic Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Anthropic Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Anthropic Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Anthropic Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Anthropic Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Anthropic Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Anthropic Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Anthropic Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - anthropic method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Anthropic (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAnthropicAppConnection tags: - App Connections description: Delete the specified Anthropic Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Anthropic Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - anthropic method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Anthropic (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/anthropic/connection-name/{connectionName}: get: operationId: getAnthropicAppConnectionByName tags: - App Connections description: Get the specified Anthropic Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Anthropic Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Anthropic Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - anthropic method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Anthropic (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/anthropic/{connectionId}/rotate-credentials: post: operationId: rotateAnthropicAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Anthropic Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Anthropic Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - anthropic method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Anthropic (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ovh: get: operationId: listOvhAppConnections tags: - App Connections description: List the OVH Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list OVH Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ovh method: type: string enum: - certificate credentials: type: object properties: okmsDomain: type: string minLength: 1 format: uri description: The OKMS base URL (e.g., 'https://ca-east-bhs.okms.ovh.net'). okmsId: type: string minLength: 1 description: The OKMS instance identifier from the OVH Control Panel, used as a path segment in all API calls. required: - okmsDomain - okmsId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OVH (Certificate) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createOvhAppConnection tags: - App Connections description: Create an OVH Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - certificate description: The method used to authenticate with OVH. credentials: type: object properties: privateKey: type: string minLength: 1 description: The PEM-encoded private key issued by OVH OKMS for client certificate authentication (including the -----BEGIN/END PRIVATE KEY----- markers). certificate: type: string minLength: 1 description: The PEM-encoded public certificate issued by OVH OKMS for client certificate authentication (including the -----BEGIN/END CERTIFICATE----- markers). okmsDomain: type: string minLength: 1 format: uri description: The OKMS base URL (e.g., 'https://ca-east-bhs.okms.ovh.net'). okmsId: type: string minLength: 1 description: The OKMS instance identifier from the OVH Control Panel, used as a path segment in all API calls. required: - privateKey - certificate - okmsDomain - okmsId additionalProperties: false description: The credentials used to connect with OVH. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the OVH Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the OVH Connection. projectId: type: string description: The ID of the project to create the OVH Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for OVH Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OVH Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OVH Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for OVH Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OVH Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ovh method: type: string enum: - certificate credentials: type: object properties: okmsDomain: type: string minLength: 1 format: uri description: The OKMS base URL (e.g., 'https://ca-east-bhs.okms.ovh.net'). okmsId: type: string minLength: 1 description: The OKMS instance identifier from the OVH Control Panel, used as a path segment in all API calls. required: - okmsDomain - okmsId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OVH (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ovh/available: get: operationId: listOvhAvailableAppConnections tags: - App Connections description: List the OVH Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list OVH Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - ovh name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ovh/{connectionId}: get: operationId: getOvhAppConnection tags: - App Connections description: Get the specified OVH Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the OVH Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ovh method: type: string enum: - certificate credentials: type: object properties: okmsDomain: type: string minLength: 1 format: uri description: The OKMS base URL (e.g., 'https://ca-east-bhs.okms.ovh.net'). okmsId: type: string minLength: 1 description: The OKMS instance identifier from the OVH Control Panel, used as a path segment in all API calls. required: - okmsDomain - okmsId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OVH (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOvhAppConnection tags: - App Connections description: Update the specified OVH Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: privateKey: type: string minLength: 1 description: The PEM-encoded private key issued by OVH OKMS for client certificate authentication (including the -----BEGIN/END PRIVATE KEY----- markers). certificate: type: string minLength: 1 description: The PEM-encoded public certificate issued by OVH OKMS for client certificate authentication (including the -----BEGIN/END CERTIFICATE----- markers). okmsDomain: type: string minLength: 1 format: uri description: The OKMS base URL (e.g., 'https://ca-east-bhs.okms.ovh.net'). okmsId: type: string minLength: 1 description: The OKMS instance identifier from the OVH Control Panel, used as a path segment in all API calls. required: - privateKey - certificate - okmsDomain - okmsId additionalProperties: false description: The credentials used to connect with OVH. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the OVH Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the OVH Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for OVH Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OVH Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OVH Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for OVH Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for OVH Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the OVH Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ovh method: type: string enum: - certificate credentials: type: object properties: okmsDomain: type: string minLength: 1 format: uri description: The OKMS base URL (e.g., 'https://ca-east-bhs.okms.ovh.net'). okmsId: type: string minLength: 1 description: The OKMS instance identifier from the OVH Control Panel, used as a path segment in all API calls. required: - okmsDomain - okmsId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OVH (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOvhAppConnection tags: - App Connections description: Delete the specified OVH Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the OVH Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ovh method: type: string enum: - certificate credentials: type: object properties: okmsDomain: type: string minLength: 1 format: uri description: The OKMS base URL (e.g., 'https://ca-east-bhs.okms.ovh.net'). okmsId: type: string minLength: 1 description: The OKMS instance identifier from the OVH Control Panel, used as a path segment in all API calls. required: - okmsDomain - okmsId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OVH (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ovh/connection-name/{connectionName}: get: operationId: getOvhAppConnectionByName tags: - App Connections description: Get the specified OVH Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the OVH Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the OVH Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ovh method: type: string enum: - certificate credentials: type: object properties: okmsDomain: type: string minLength: 1 format: uri description: The OKMS base URL (e.g., 'https://ca-east-bhs.okms.ovh.net'). okmsId: type: string minLength: 1 description: The OKMS instance identifier from the OVH Control Panel, used as a path segment in all API calls. required: - okmsDomain - okmsId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OVH (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ovh/{connectionId}/rotate-credentials: post: operationId: rotateOvhAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified OVH Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the OVH Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ovh method: type: string enum: - certificate credentials: type: object properties: okmsDomain: type: string minLength: 1 format: uri description: The OKMS base URL (e.g., 'https://ca-east-bhs.okms.ovh.net'). okmsId: type: string minLength: 1 description: The OKMS instance identifier from the OVH Control Panel, used as a path segment in all API calls. required: - okmsDomain - okmsId additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: OVH (Certificate) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/devin: get: operationId: listDevinAppConnections tags: - App Connections description: List the Devin Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Devin Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - devin method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Devin (API Key) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createDevinAppConnection tags: - App Connections description: Create a Devin Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-key description: The method used to authenticate with Devin. credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 1000 pattern: ^cog\_ description: The Devin service-user API key used to authenticate against the Devin v3 API. required: - apiKey additionalProperties: false description: The credentials used to connect with Devin. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Devin Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Devin Connection. projectId: type: string description: The ID of the project to create the Devin Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Devin Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Devin Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Devin Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Devin Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Devin Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - devin method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Devin (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/devin/available: get: operationId: listDevinAvailableAppConnections tags: - App Connections description: List the Devin Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Devin Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - devin name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/devin/{connectionId}: get: operationId: getDevinAppConnection tags: - App Connections description: Get the specified Devin Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Devin Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - devin method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Devin (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateDevinAppConnection tags: - App Connections description: Update the specified Devin Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiKey: type: string minLength: 1 maxLength: 1000 pattern: ^cog\_ description: The Devin service-user API key used to authenticate against the Devin v3 API. required: - apiKey additionalProperties: false description: The credentials used to connect with Devin. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Devin Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Devin Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Devin Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Devin Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Devin Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Devin Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Devin Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Devin Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - devin method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Devin (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteDevinAppConnection tags: - App Connections description: Delete the specified Devin Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Devin Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - devin method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Devin (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/devin/connection-name/{connectionName}: get: operationId: getDevinAppConnectionByName tags: - App Connections description: Get the specified Devin Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Devin Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Devin Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - devin method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Devin (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/devin/{connectionId}/rotate-credentials: post: operationId: rotateDevinAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Devin Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Devin Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - devin method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Devin (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ona: get: operationId: listOnaAppConnections tags: - App Connections description: List the Ona Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Ona Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ona method: type: string enum: - personal-access-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Ona (Personal Access Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createOnaAppConnection tags: - App Connections description: Create an Ona Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - personal-access-token description: The method used to authenticate with Ona. credentials: type: object properties: personalAccessToken: type: string minLength: 1 description: The Personal Access Token used to authenticate with Ona. required: - personalAccessToken additionalProperties: false description: The credentials used to connect with Ona. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Ona Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Ona Connection. projectId: type: string description: The ID of the project to create the Ona Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Ona Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Ona Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Ona Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Ona Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Ona Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ona method: type: string enum: - personal-access-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Ona (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ona/available: get: operationId: listOnaAvailableAppConnections tags: - App Connections description: List the Ona Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Ona Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - ona name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ona/{connectionId}: get: operationId: getOnaAppConnection tags: - App Connections description: Get the specified Ona Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Ona Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ona method: type: string enum: - personal-access-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Ona (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOnaAppConnection tags: - App Connections description: Update the specified Ona Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: personalAccessToken: type: string minLength: 1 description: The Personal Access Token used to authenticate with Ona. required: - personalAccessToken additionalProperties: false description: The credentials used to connect with Ona. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Ona Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Ona Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Ona Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Ona Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Ona Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Ona Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Ona Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Ona Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ona method: type: string enum: - personal-access-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Ona (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOnaAppConnection tags: - App Connections description: Delete the specified Ona Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Ona Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ona method: type: string enum: - personal-access-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Ona (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ona/connection-name/{connectionName}: get: operationId: getOnaAppConnectionByName tags: - App Connections description: Get the specified Ona Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Ona Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Ona Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ona method: type: string enum: - personal-access-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Ona (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/ona/{connectionId}/rotate-credentials: post: operationId: rotateOnaAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Ona Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Ona Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - ona method: type: string enum: - personal-access-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Ona (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/digicert: get: operationId: listDigicertAppConnections tags: - App Connections description: List the DigiCert Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list DigiCert Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - digicert method: type: string enum: - api-key credentials: type: object properties: region: type: string enum: - us - eu description: The CertCentral region the API key belongs to (us or eu). required: - region additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DigiCert (API Key) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createDigicertAppConnection tags: - App Connections description: Create a DigiCert Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-key description: The method used to authenticate with DigiCert. credentials: type: object properties: apiKey: type: string minLength: 1 description: The CertCentral API Key used to authenticate with DigiCert. region: type: string enum: - us - eu description: The CertCentral region the API key belongs to (us or eu). required: - apiKey - region additionalProperties: false description: The credentials used to connect with DigiCert. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the DigiCert Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the DigiCert Connection. projectId: type: string description: The ID of the project to create the DigiCert Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for DigiCert Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DigiCert Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DigiCert Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for DigiCert Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DigiCert Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - digicert method: type: string enum: - api-key credentials: type: object properties: region: type: string enum: - us - eu description: The CertCentral region the API key belongs to (us or eu). required: - region additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DigiCert (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/digicert/available: get: operationId: listDigicertAvailableAppConnections tags: - App Connections description: List the DigiCert Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list DigiCert Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - digicert name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/digicert/{connectionId}: get: operationId: getDigicertAppConnection tags: - App Connections description: Get the specified DigiCert Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the DigiCert Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - digicert method: type: string enum: - api-key credentials: type: object properties: region: type: string enum: - us - eu description: The CertCentral region the API key belongs to (us or eu). required: - region additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DigiCert (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateDigicertAppConnection tags: - App Connections description: Update the specified DigiCert Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiKey: type: string minLength: 1 description: The CertCentral API Key used to authenticate with DigiCert. region: type: string enum: - us - eu description: The CertCentral region the API key belongs to (us or eu). required: - apiKey - region additionalProperties: false description: The credentials used to connect with DigiCert. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the DigiCert Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the DigiCert Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for DigiCert Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DigiCert Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DigiCert Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for DigiCert Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for DigiCert Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the DigiCert Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - digicert method: type: string enum: - api-key credentials: type: object properties: region: type: string enum: - us - eu description: The CertCentral region the API key belongs to (us or eu). required: - region additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DigiCert (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteDigicertAppConnection tags: - App Connections description: Delete the specified DigiCert Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the DigiCert Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - digicert method: type: string enum: - api-key credentials: type: object properties: region: type: string enum: - us - eu description: The CertCentral region the API key belongs to (us or eu). required: - region additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DigiCert (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/digicert/connection-name/{connectionName}: get: operationId: getDigicertAppConnectionByName tags: - App Connections description: Get the specified DigiCert Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the DigiCert Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the DigiCert Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - digicert method: type: string enum: - api-key credentials: type: object properties: region: type: string enum: - us - eu description: The CertCentral region the API key belongs to (us or eu). required: - region additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DigiCert (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/digicert/{connectionId}/rotate-credentials: post: operationId: rotateDigicertAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified DigiCert Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the DigiCert Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - digicert method: type: string enum: - api-key credentials: type: object properties: region: type: string enum: - us - eu description: The CertCentral region the API key belongs to (us or eu). required: - region additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: DigiCert (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/godaddy: get: operationId: listGodaddyAppConnections tags: - App Connections description: List the GoDaddy Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list GoDaddy Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - godaddy method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GoDaddy (API Key) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createGodaddyAppConnection tags: - App Connections description: Create a GoDaddy Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-key description: The method used to authenticate with GoDaddy. credentials: type: object properties: apiKey: type: string minLength: 1 description: The GoDaddy API Key used to authenticate with the GoDaddy API. apiSecret: type: string minLength: 1 description: The GoDaddy API Secret used to authenticate with the GoDaddy API. required: - apiKey - apiSecret additionalProperties: false description: The credentials used to connect with GoDaddy. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the GoDaddy Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the GoDaddy Connection. projectId: type: string description: The ID of the project to create the GoDaddy Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for GoDaddy Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GoDaddy Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GoDaddy Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for GoDaddy Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GoDaddy Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - godaddy method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GoDaddy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/godaddy/available: get: operationId: listGodaddyAvailableAppConnections tags: - App Connections description: List the GoDaddy Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list GoDaddy Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - godaddy name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/godaddy/{connectionId}: get: operationId: getGodaddyAppConnection tags: - App Connections description: Get the specified GoDaddy Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GoDaddy Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - godaddy method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GoDaddy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateGodaddyAppConnection tags: - App Connections description: Update the specified GoDaddy Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiKey: type: string minLength: 1 description: The GoDaddy API Key used to authenticate with the GoDaddy API. apiSecret: type: string minLength: 1 description: The GoDaddy API Secret used to authenticate with the GoDaddy API. required: - apiKey - apiSecret additionalProperties: false description: The credentials used to connect with GoDaddy. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the GoDaddy Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the GoDaddy Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for GoDaddy Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GoDaddy Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GoDaddy Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for GoDaddy Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for GoDaddy Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GoDaddy Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - godaddy method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GoDaddy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteGodaddyAppConnection tags: - App Connections description: Delete the specified GoDaddy Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GoDaddy Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - godaddy method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GoDaddy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/godaddy/connection-name/{connectionName}: get: operationId: getGodaddyAppConnectionByName tags: - App Connections description: Get the specified GoDaddy Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the GoDaddy Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the GoDaddy Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - godaddy method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GoDaddy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/godaddy/{connectionId}/rotate-credentials: post: operationId: rotateGodaddyAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified GoDaddy Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the GoDaddy Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - godaddy method: type: string enum: - api-key credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: GoDaddy (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/travis-ci: get: operationId: listTravisCIAppConnections tags: - App Connections description: List the Travis CI Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Travis CI Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - travis-ci method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Travis CI (API Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createTravisCIAppConnection tags: - App Connections description: Create a Travis CI Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-token description: The method used to authenticate with Travis CI. credentials: type: object properties: apiToken: type: string minLength: 1 description: The API token used to authenticate with Travis CI. required: - apiToken additionalProperties: false description: The credentials used to connect with Travis CI. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Travis CI Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Travis CI Connection. projectId: type: string description: The ID of the project to create the Travis CI Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Travis CI Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Travis CI Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Travis CI Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Travis CI Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Travis CI Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - travis-ci method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Travis CI (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/travis-ci/available: get: operationId: listTravisCIAvailableAppConnections tags: - App Connections description: List the Travis CI Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Travis CI Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - travis-ci name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/travis-ci/{connectionId}: get: operationId: getTravisCIAppConnection tags: - App Connections description: Get the specified Travis CI Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Travis CI Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - travis-ci method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Travis CI (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateTravisCIAppConnection tags: - App Connections description: Update the specified Travis CI Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: apiToken: type: string minLength: 1 description: The API token used to authenticate with Travis CI. required: - apiToken additionalProperties: false description: The credentials used to connect with Travis CI. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Travis CI Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Travis CI Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Travis CI Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Travis CI Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Travis CI Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Travis CI Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Travis CI Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Travis CI Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - travis-ci method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Travis CI (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteTravisCIAppConnection tags: - App Connections description: Delete the specified Travis CI Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Travis CI Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - travis-ci method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Travis CI (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/travis-ci/connection-name/{connectionName}: get: operationId: getTravisCIAppConnectionByName tags: - App Connections description: Get the specified Travis CI Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Travis CI Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Travis CI Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - travis-ci method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Travis CI (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/travis-ci/{connectionId}/rotate-credentials: post: operationId: rotateTravisCIAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Travis CI Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Travis CI Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - travis-ci method: type: string enum: - api-token credentials: type: object properties: {} additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Travis CI (API Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/salesforce: get: operationId: listSalesforceAppConnections tags: - App Connections description: List the Salesforce Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Salesforce Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - salesforce method: type: string enum: - client-credentials credentials: type: object properties: instanceUrl: type: string minLength: 1 description: The instance URL of the Salesforce org to connect to. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Salesforce (Client Credentials) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createSalesforceAppConnection tags: - App Connections description: Create a Salesforce Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - client-credentials description: The method used to authenticate with Salesforce. credentials: type: object properties: instanceUrl: type: string minLength: 1 description: The instance URL of the Salesforce org to connect to. consumerKey: type: string minLength: 1 description: The Consumer Key of your Salesforce External App. consumerSecret: type: string minLength: 1 description: The Consumer Secret of your Salesforce External App. required: - instanceUrl - consumerKey - consumerSecret additionalProperties: false description: The credentials used to connect with Salesforce. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Salesforce Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Salesforce Connection. projectId: type: string description: The ID of the project to create the Salesforce Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Salesforce Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Salesforce Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Salesforce Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Salesforce Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Salesforce Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - salesforce method: type: string enum: - client-credentials credentials: type: object properties: instanceUrl: type: string minLength: 1 description: The instance URL of the Salesforce org to connect to. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Salesforce (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/salesforce/available: get: operationId: listSalesforceAvailableAppConnections tags: - App Connections description: List the Salesforce Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Salesforce Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - salesforce name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/salesforce/{connectionId}: get: operationId: getSalesforceAppConnection tags: - App Connections description: Get the specified Salesforce Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Salesforce Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - salesforce method: type: string enum: - client-credentials credentials: type: object properties: instanceUrl: type: string minLength: 1 description: The instance URL of the Salesforce org to connect to. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Salesforce (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateSalesforceAppConnection tags: - App Connections description: Update the specified Salesforce Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: instanceUrl: type: string minLength: 1 description: The instance URL of the Salesforce org to connect to. consumerKey: type: string minLength: 1 description: The Consumer Key of your Salesforce External App. consumerSecret: type: string minLength: 1 description: The Consumer Secret of your Salesforce External App. required: - instanceUrl - consumerKey - consumerSecret additionalProperties: false description: The credentials used to connect with Salesforce. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Salesforce Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Salesforce Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Salesforce Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Salesforce Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Salesforce Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Salesforce Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Salesforce Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Salesforce Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - salesforce method: type: string enum: - client-credentials credentials: type: object properties: instanceUrl: type: string minLength: 1 description: The instance URL of the Salesforce org to connect to. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Salesforce (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteSalesforceAppConnection tags: - App Connections description: Delete the specified Salesforce Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Salesforce Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - salesforce method: type: string enum: - client-credentials credentials: type: object properties: instanceUrl: type: string minLength: 1 description: The instance URL of the Salesforce org to connect to. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Salesforce (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/salesforce/connection-name/{connectionName}: get: operationId: getSalesforceAppConnectionByName tags: - App Connections description: Get the specified Salesforce Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Salesforce Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Salesforce Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - salesforce method: type: string enum: - client-credentials credentials: type: object properties: instanceUrl: type: string minLength: 1 description: The instance URL of the Salesforce org to connect to. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Salesforce (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/salesforce/{connectionId}/rotate-credentials: post: operationId: rotateSalesforceAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Salesforce Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Salesforce Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - salesforce method: type: string enum: - client-credentials credentials: type: object properties: instanceUrl: type: string minLength: 1 description: The instance URL of the Salesforce org to connect to. required: - instanceUrl additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Salesforce (Client Credentials) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/snowflake: get: operationId: listSnowflakeAppConnections tags: - App Connections description: List the Snowflake Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Snowflake Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - snowflake method: type: string enum: - username-and-token credentials: type: object properties: account: type: string minLength: 1 description: The Snowflake account identifier (e.g., xy12345.us-east-1). username: type: string minLength: 1 description: The username (login name) used to authenticate with Snowflake. required: - account - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Snowflake (Username and Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createSnowflakeAppConnection tags: - App Connections description: Create a Snowflake Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - username-and-token description: The method used to authenticate with Snowflake. credentials: type: object properties: account: type: string minLength: 1 description: The Snowflake account identifier (e.g., xy12345.us-east-1). username: type: string minLength: 1 description: The username (login name) used to authenticate with Snowflake. password: type: string minLength: 1 description: The Programmatic Access Token used to authenticate with Snowflake. required: - account - username - password additionalProperties: false description: The credentials used to connect with Snowflake. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Snowflake Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Snowflake Connection. projectId: type: string description: The ID of the project to create the Snowflake Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Snowflake Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Snowflake Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Snowflake Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Snowflake Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Snowflake Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - snowflake method: type: string enum: - username-and-token credentials: type: object properties: account: type: string minLength: 1 description: The Snowflake account identifier (e.g., xy12345.us-east-1). username: type: string minLength: 1 description: The username (login name) used to authenticate with Snowflake. required: - account - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Snowflake (Username and Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/snowflake/available: get: operationId: listSnowflakeAvailableAppConnections tags: - App Connections description: List the Snowflake Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Snowflake Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - snowflake name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/snowflake/{connectionId}: get: operationId: getSnowflakeAppConnection tags: - App Connections description: Get the specified Snowflake Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Snowflake Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - snowflake method: type: string enum: - username-and-token credentials: type: object properties: account: type: string minLength: 1 description: The Snowflake account identifier (e.g., xy12345.us-east-1). username: type: string minLength: 1 description: The username (login name) used to authenticate with Snowflake. required: - account - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Snowflake (Username and Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateSnowflakeAppConnection tags: - App Connections description: Update the specified Snowflake Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: account: type: string minLength: 1 description: The Snowflake account identifier (e.g., xy12345.us-east-1). username: type: string minLength: 1 description: The username (login name) used to authenticate with Snowflake. password: type: string minLength: 1 description: The Programmatic Access Token used to authenticate with Snowflake. required: - account - username - password additionalProperties: false description: The credentials used to connect with Snowflake. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Snowflake Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Snowflake Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Snowflake Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Snowflake Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Snowflake Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Snowflake Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Snowflake Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Snowflake Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - snowflake method: type: string enum: - username-and-token credentials: type: object properties: account: type: string minLength: 1 description: The Snowflake account identifier (e.g., xy12345.us-east-1). username: type: string minLength: 1 description: The username (login name) used to authenticate with Snowflake. required: - account - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Snowflake (Username and Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteSnowflakeAppConnection tags: - App Connections description: Delete the specified Snowflake Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Snowflake Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - snowflake method: type: string enum: - username-and-token credentials: type: object properties: account: type: string minLength: 1 description: The Snowflake account identifier (e.g., xy12345.us-east-1). username: type: string minLength: 1 description: The username (login name) used to authenticate with Snowflake. required: - account - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Snowflake (Username and Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/snowflake/connection-name/{connectionName}: get: operationId: getSnowflakeAppConnectionByName tags: - App Connections description: Get the specified Snowflake Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Snowflake Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Snowflake Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - snowflake method: type: string enum: - username-and-token credentials: type: object properties: account: type: string minLength: 1 description: The Snowflake account identifier (e.g., xy12345.us-east-1). username: type: string minLength: 1 description: The username (login name) used to authenticate with Snowflake. required: - account - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Snowflake (Username and Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/snowflake/{connectionId}/rotate-credentials: post: operationId: rotateSnowflakeAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Snowflake Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Snowflake Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - snowflake method: type: string enum: - username-and-token credentials: type: object properties: account: type: string minLength: 1 description: The Snowflake account identifier (e.g., xy12345.us-east-1). username: type: string minLength: 1 description: The username (login name) used to authenticate with Snowflake. required: - account - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Snowflake (Username and Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/datadog: get: operationId: listDatadogAppConnections tags: - App Connections description: List the Datadog Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Datadog Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - datadog method: type: string enum: - api-key credentials: type: object properties: url: type: string format: uri minLength: 1 maxLength: 255 description: The Datadog site URL to connect to (e.g., 'https://api.datadoghq.com'). required: - url additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Datadog (API Key) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createDatadogAppConnection tags: - App Connections description: Create a Datadog Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - api-key description: The method used to authenticate with Datadog. credentials: type: object properties: url: type: string format: uri minLength: 1 maxLength: 255 description: The Datadog site URL to connect to (e.g., 'https://api.datadoghq.com'). apiKey: type: string minLength: 1 description: The Datadog API key used to authenticate. applicationKey: type: string minLength: 1 description: The Datadog Application key used to authenticate. required: - url - apiKey - applicationKey additionalProperties: false description: The credentials used to connect with Datadog. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Datadog Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Datadog Connection. projectId: type: string description: The ID of the project to create the Datadog Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Datadog Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Datadog Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Datadog Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Datadog Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Datadog Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - datadog method: type: string enum: - api-key credentials: type: object properties: url: type: string format: uri minLength: 1 maxLength: 255 description: The Datadog site URL to connect to (e.g., 'https://api.datadoghq.com'). required: - url additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Datadog (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/datadog/available: get: operationId: listDatadogAvailableAppConnections tags: - App Connections description: List the Datadog Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Datadog Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - datadog name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/datadog/{connectionId}: get: operationId: getDatadogAppConnection tags: - App Connections description: Get the specified Datadog Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Datadog Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - datadog method: type: string enum: - api-key credentials: type: object properties: url: type: string format: uri minLength: 1 maxLength: 255 description: The Datadog site URL to connect to (e.g., 'https://api.datadoghq.com'). required: - url additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Datadog (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateDatadogAppConnection tags: - App Connections description: Update the specified Datadog Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: url: type: string format: uri minLength: 1 maxLength: 255 description: The Datadog site URL to connect to (e.g., 'https://api.datadoghq.com'). apiKey: type: string minLength: 1 description: The Datadog API key used to authenticate. applicationKey: type: string minLength: 1 description: The Datadog Application key used to authenticate. required: - url - apiKey - applicationKey additionalProperties: false description: The credentials used to connect with Datadog. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Datadog Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Datadog Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Datadog Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Datadog Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Datadog Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Datadog Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Datadog Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Datadog Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - datadog method: type: string enum: - api-key credentials: type: object properties: url: type: string format: uri minLength: 1 maxLength: 255 description: The Datadog site URL to connect to (e.g., 'https://api.datadoghq.com'). required: - url additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Datadog (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteDatadogAppConnection tags: - App Connections description: Delete the specified Datadog Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Datadog Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - datadog method: type: string enum: - api-key credentials: type: object properties: url: type: string format: uri minLength: 1 maxLength: 255 description: The Datadog site URL to connect to (e.g., 'https://api.datadoghq.com'). required: - url additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Datadog (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/datadog/connection-name/{connectionName}: get: operationId: getDatadogAppConnectionByName tags: - App Connections description: Get the specified Datadog Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Datadog Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Datadog Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - datadog method: type: string enum: - api-key credentials: type: object properties: url: type: string format: uri minLength: 1 maxLength: 255 description: The Datadog site URL to connect to (e.g., 'https://api.datadoghq.com'). required: - url additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Datadog (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/datadog/{connectionId}/rotate-credentials: post: operationId: rotateDatadogAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Datadog Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Datadog Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - datadog method: type: string enum: - api-key credentials: type: object properties: url: type: string format: uri minLength: 1 maxLength: 255 description: The Datadog site URL to connect to (e.g., 'https://api.datadoghq.com'). required: - url additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Datadog (API Key) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/f5-big-ip: get: operationId: listF5BigIpAppConnections tags: - App Connections description: List the F5 BIG-IP Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list F5 BIG-IP Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - f5-big-ip method: type: string enum: - basic-auth credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: F5 BIG-IP (Basic Auth) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createF5BigIpAppConnection tags: - App Connections description: Create a F5 BIG-IP Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - basic-auth description: The method used to authenticate with F5 BIG-IP. credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 password: type: string minLength: 1 maxLength: 512 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username - password additionalProperties: false description: The credentials used to connect with F5 BIG-IP. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the F5 BIG-IP Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the F5 BIG-IP Connection. projectId: type: string description: The ID of the project to create the F5 BIG-IP Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for F5 BIG-IP Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for F5 BIG-IP Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for F5 BIG-IP Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - f5-big-ip method: type: string enum: - basic-auth credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: F5 BIG-IP (Basic Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/f5-big-ip/available: get: operationId: listF5BigIpAvailableAppConnections tags: - App Connections description: List the F5 BIG-IP Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list F5 BIG-IP Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - f5-big-ip name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/f5-big-ip/{connectionId}: get: operationId: getF5BigIpAppConnection tags: - App Connections description: Get the specified F5 BIG-IP Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the F5 BIG-IP Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - f5-big-ip method: type: string enum: - basic-auth credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: F5 BIG-IP (Basic Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateF5BigIpAppConnection tags: - App Connections description: Update the specified F5 BIG-IP Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 password: type: string minLength: 1 maxLength: 512 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username - password additionalProperties: false description: The credentials used to connect with F5 BIG-IP. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the F5 BIG-IP Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the F5 BIG-IP Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for F5 BIG-IP Connections. gatewayId: type: string format: uuid nullable: true description: The Gateway ID to use for this connection. gatewayPoolId: type: string format: uuid nullable: true description: The Gateway Pool ID to use for this connection. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for F5 BIG-IP Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for F5 BIG-IP Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the F5 BIG-IP Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - f5-big-ip method: type: string enum: - basic-auth credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: F5 BIG-IP (Basic Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteF5BigIpAppConnection tags: - App Connections description: Delete the specified F5 BIG-IP Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the F5 BIG-IP Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - f5-big-ip method: type: string enum: - basic-auth credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: F5 BIG-IP (Basic Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/f5-big-ip/connection-name/{connectionName}: get: operationId: getF5BigIpAppConnectionByName tags: - App Connections description: Get the specified F5 BIG-IP Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the F5 BIG-IP Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the F5 BIG-IP Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - f5-big-ip method: type: string enum: - basic-auth credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: F5 BIG-IP (Basic Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/f5-big-ip/{connectionId}/rotate-credentials: post: operationId: rotateF5BigIpAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified F5 BIG-IP Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the F5 BIG-IP Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - f5-big-ip method: type: string enum: - basic-auth credentials: type: object properties: hostname: type: string minLength: 1 maxLength: 512 port: type: integer minimum: 1 maximum: 65535 username: type: string minLength: 1 maxLength: 256 sslRejectUnauthorized: type: boolean sslCertificate: type: string required: - hostname - username additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: F5 BIG-IP (Basic Auth) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/convex: get: operationId: listConvexAppConnections tags: - App Connections description: List the Convex Connections for the current organization or project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Convex Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - convex method: type: string enum: - personal-access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Convex API instance URL. Defaults to 'https://api.convex.dev' if not provided. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Convex (Personal Access Token) required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createConvexAppConnection tags: - App Connections description: Create a Convex Connection. requestBody: required: true content: application/json: schema: allOf: - anyOf: - type: object properties: method: type: string enum: - personal-access-token description: The method used to authenticate with Convex. credentials: type: object properties: accessToken: type: string minLength: 1 description: The Convex deploy key or access token used to authenticate with the Convex API. instanceUrl: type: string format: uri description: The Convex API instance URL. Defaults to 'https://api.convex.dev' if not provided. required: - accessToken additionalProperties: false description: The credentials used to connect with Convex. required: - method - credentials additionalProperties: false - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Convex Connection to create. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: An optional description for the Convex Connection. projectId: type: string description: The ID of the project to create the Convex Connection in. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Convex Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Convex Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Convex Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Convex Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Convex Connections. required: - name responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - convex method: type: string enum: - personal-access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Convex API instance URL. Defaults to 'https://api.convex.dev' if not provided. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Convex (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/convex/available: get: operationId: listConvexAvailableAppConnections tags: - App Connections description: List the Convex Connections the current user has permission to establish connections within this project. parameters: - schema: type: string in: query name: projectId required: false description: The ID of the project to list Convex Connections from. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnections: type: array items: type: object properties: app: type: string enum: - convex name: type: string id: type: string format: uuid projectId: type: string nullable: true orgId: type: string required: - app - name - id - orgId additionalProperties: false required: - appConnections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/convex/{connectionId}: get: operationId: getConvexAppConnection tags: - App Connections description: Get the specified Convex Connection by ID. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Convex Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - convex method: type: string enum: - personal-access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Convex API instance URL. Defaults to 'https://api.convex.dev' if not provided. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Convex (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateConvexAppConnection tags: - App Connections description: Update the specified Convex Connection. requestBody: required: true content: application/json: schema: allOf: - type: object properties: credentials: type: object properties: accessToken: type: string minLength: 1 description: The Convex deploy key or access token used to authenticate with the Convex API. instanceUrl: type: string format: uri description: The Convex API instance URL. Defaults to 'https://api.convex.dev' if not provided. required: - accessToken additionalProperties: false description: The credentials used to connect with Convex. - type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Convex Connection. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Convex Connection. isPlatformManagedCredentials: type: boolean enum: - false description: Not supported for Convex Connections. gatewayId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Convex Connections. gatewayPoolId: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Convex Connections. isAutoRotationEnabled: type: boolean enum: - false description: Not supported for Convex Connections. rotation: anyOf: - not: {} - enum: - 'null' nullable: true description: Not supported for Convex Connections. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Convex Connection to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - convex method: type: string enum: - personal-access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Convex API instance URL. Defaults to 'https://api.convex.dev' if not provided. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Convex (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteConvexAppConnection tags: - App Connections description: Delete the specified Convex Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Convex Connection to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - convex method: type: string enum: - personal-access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Convex API instance URL. Defaults to 'https://api.convex.dev' if not provided. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Convex (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/convex/connection-name/{connectionName}: get: operationId: getConvexAppConnectionByName tags: - App Connections description: Get the specified Convex Connection by name. parameters: - schema: type: string in: query name: projectId required: false description: The project ID of the Convex Connection is associated with. Leave unspecified to get organization-level connections. - schema: type: string minLength: 1 in: path name: connectionName required: true description: The name of the Convex Connection to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - convex method: type: string enum: - personal-access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Convex API instance URL. Defaults to 'https://api.convex.dev' if not provided. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Convex (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/app-connections/convex/{connectionId}/rotate-credentials: post: operationId: rotateConvexAppConnectionCredentials tags: - App Connections description: Rotate the credentials for the specified Convex Connection. parameters: - schema: type: string format: uuid in: path name: connectionId required: true description: The ID of the Convex Connection to rotate credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: appConnection: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true version: type: number default: 1 orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isPlatformManagedCredentials: type: boolean default: false nullable: true gatewayId: type: string format: uuid nullable: true projectId: type: string nullable: true isAutoRotationEnabled: type: boolean default: false gatewayPoolId: type: string format: uuid nullable: true rotation: type: object properties: lastRotationMessage: type: string nullable: true description: The message from the last rotation attempt. rotationInterval: type: number description: The interval in days between credential rotations. nextRotationAt: type: string format: date-time nullable: true description: The next scheduled rotation time. rotationStatus: type: string enum: - success - failed description: The status of the last rotation attempt. rotateAtUtc: type: object properties: hours: type: number description: The hour (0-23) at which to rotate. minutes: type: number description: The minute (0-59) at which to rotate. required: - hours - minutes additionalProperties: false description: The UTC time of day at which rotation should occur. required: - rotationInterval - rotationStatus - rotateAtUtc additionalProperties: false description: The credential rotation configuration, if configured. credentialsHash: type: string project: type: object properties: name: type: string id: type: string type: type: string slug: type: string required: - name - id - type - slug additionalProperties: false nullable: true app: type: string enum: - convex method: type: string enum: - personal-access-token credentials: type: object properties: instanceUrl: type: string format: uri description: The Convex API instance URL. Defaults to 'https://api.convex.dev' if not provided. additionalProperties: false required: - id - name - orgId - createdAt - updatedAt - app - method - credentials additionalProperties: false title: Convex (Personal Access Token) required: - appConnection additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/options: get: operationId: listSecretSyncOptions tags: - Secret Syncs description: List the available Secret Sync Options. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncOptions: type: array items: anyOf: - type: object properties: name: type: string enum: - AWS Parameter Store connection: type: string enum: - aws destination: type: string enum: - aws-parameter-store canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: AWS Parameter Store - type: object properties: name: type: string enum: - AWS Secrets Manager connection: type: string enum: - aws destination: type: string enum: - aws-secrets-manager canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: AWS Secrets Manager - type: object properties: name: type: string enum: - GitHub connection: type: string enum: - github destination: type: string enum: - github canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: GitHub - type: object properties: name: type: string enum: - GCP Secret Manager connection: type: string enum: - gcp destination: type: string enum: - gcp-secret-manager canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: GCP Secret Manager - type: object properties: name: type: string enum: - Azure Key Vault connection: type: string enum: - azure-key-vault destination: type: string enum: - azure-key-vault canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Azure Key Vault - type: object properties: name: type: string enum: - Azure App Configuration connection: type: string enum: - azure-app-configuration destination: type: string enum: - azure-app-configuration canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Azure App Configuration - type: object properties: name: type: string enum: - Azure DevOps connection: type: string enum: - azure-devops destination: type: string enum: - azure-devops canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Azure DevOps - type: object properties: name: type: string enum: - Databricks connection: type: string enum: - databricks destination: type: string enum: - databricks canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Databricks - type: object properties: name: type: string enum: - Humanitec connection: type: string enum: - humanitec destination: type: string enum: - humanitec canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Humanitec - type: object properties: name: type: string enum: - Terraform Cloud connection: type: string enum: - terraform-cloud destination: type: string enum: - terraform-cloud canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Terraform Cloud - type: object properties: name: type: string enum: - Camunda connection: type: string enum: - camunda destination: type: string enum: - camunda canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Camunda - type: object properties: name: type: string enum: - Vercel connection: type: string enum: - vercel destination: type: string enum: - vercel canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Vercel - type: object properties: name: type: string enum: - Windmill connection: type: string enum: - windmill destination: type: string enum: - windmill canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Windmill - type: object properties: name: type: string enum: - Hashicorp Vault connection: type: string enum: - hashicorp-vault destination: type: string enum: - hashicorp-vault canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Hashicorp Vault - type: object properties: name: type: string enum: - TeamCity connection: type: string enum: - teamcity destination: type: string enum: - teamcity canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: TeamCity - type: object properties: name: type: string enum: - OCI Vault connection: type: string enum: - oci destination: type: string enum: - oci-vault canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true enterprise: type: boolean required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion - enterprise additionalProperties: false title: OCI Vault - type: object properties: name: type: string enum: - 1Password connection: type: string enum: - 1password destination: type: string enum: - 1password canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: 1Password - type: object properties: name: type: string enum: - Heroku connection: type: string enum: - heroku destination: type: string enum: - heroku canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Heroku - type: object properties: name: type: string enum: - Render connection: type: string enum: - render destination: type: string enum: - render canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Render - type: object properties: name: type: string enum: - Fly.io connection: type: string enum: - flyio destination: type: string enum: - flyio canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Fly.io - type: object properties: name: type: string enum: - GitLab connection: type: string enum: - gitlab destination: type: string enum: - gitlab canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: GitLab - type: object properties: name: type: string enum: - Cloudflare Pages connection: type: string enum: - cloudflare destination: type: string enum: - cloudflare-pages canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Cloudflare Pages - type: object properties: name: type: string enum: - Cloudflare Workers connection: type: string enum: - cloudflare destination: type: string enum: - cloudflare-workers canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Cloudflare Workers - type: object properties: name: type: string enum: - Digital Ocean App Platform connection: type: string enum: - digital-ocean destination: type: string enum: - digital-ocean-app-platform canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Digital Ocean App Platform - type: object properties: name: type: string enum: - Zabbix connection: type: string enum: - zabbix destination: type: string enum: - zabbix canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Zabbix - type: object properties: name: type: string enum: - Railway connection: type: string enum: - railway destination: type: string enum: - railway canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Railway - type: object properties: name: type: string enum: - Checkly connection: type: string enum: - checkly destination: type: string enum: - checkly canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Checkly - type: object properties: name: type: string enum: - Supabase connection: type: string enum: - supabase destination: type: string enum: - supabase canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Supabase - type: object properties: name: type: string enum: - Netlify connection: type: string enum: - netlify destination: type: string enum: - netlify canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Netlify - type: object properties: name: type: string enum: - Northflank connection: type: string enum: - northflank destination: type: string enum: - northflank canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Northflank - type: object properties: name: type: string enum: - Bitbucket connection: type: string enum: - bitbucket destination: type: string enum: - bitbucket canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Bitbucket - type: object properties: name: type: string enum: - Laravel Forge connection: type: string enum: - laravel-forge destination: type: string enum: - laravel-forge canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Laravel Forge - type: object properties: name: type: string enum: - Chef connection: type: string enum: - chef destination: type: string enum: - chef canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true enterprise: type: boolean required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion - enterprise additionalProperties: false title: Chef - type: object properties: name: type: string enum: - Octopus Deploy connection: type: string enum: - octopus-deploy destination: type: string enum: - octopus-deploy canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Octopus Deploy - type: object properties: name: type: string enum: - CircleCI connection: type: string enum: - circleci destination: type: string enum: - circleci canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: CircleCI - type: object properties: name: type: string enum: - Azure Entra ID SCIM connection: type: string enum: - azure-entra-id destination: type: string enum: - azure-entra-id-scim canImportSecrets: type: boolean enum: - false supportsKeySchema: type: boolean enum: - false supportsDisableSecretDeletion: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - false required: - name - connection - destination - canImportSecrets - supportsKeySchema - supportsDisableSecretDeletion - canRemoveSecretsOnDeletion additionalProperties: false title: Azure Entra ID SCIM - type: object properties: name: type: string enum: - Infisical connection: type: string enum: - external-infisical destination: type: string enum: - external-infisical canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true supportsKeySchema: type: boolean enum: - false required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion - supportsKeySchema additionalProperties: false title: Infisical - type: object properties: name: type: string enum: - OVH connection: type: string enum: - ovh destination: type: string enum: - ovh canImportSecrets: type: boolean enum: - true canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: OVH - type: object properties: name: type: string enum: - Devin connection: type: string enum: - devin destination: type: string enum: - devin canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Devin - type: object properties: name: type: string enum: - Ona connection: type: string enum: - ona destination: type: string enum: - ona canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Ona - type: object properties: name: type: string enum: - Travis CI connection: type: string enum: - travis-ci destination: type: string enum: - travis-ci canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Travis CI - type: object properties: name: type: string enum: - Snowflake connection: type: string enum: - snowflake destination: type: string enum: - snowflake canImportSecrets: type: boolean enum: - false canRemoveSecretsOnDeletion: type: boolean enum: - true required: - name - connection - destination - canImportSecrets - canRemoveSecretsOnDeletion additionalProperties: false title: Snowflake required: - secretSyncOptions additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs: get: operationId: listSecretSyncs tags: - Secret Syncs description: List all the Secret Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Secret Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Parameter Store destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Parameter Store destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Parameter Store destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional resource tags to add to parameters synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as resource tags to parameters synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-parameter-store destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. path: type: string minLength: 1 maxLength: 2048 description: The Parameter Store path to sync secrets to. required: - region - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Parameter Store - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Secrets Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Secrets Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Secrets Manager destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional tags to add to secrets synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as tags to secrets synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-secrets-manager destinationConfig: allOf: - anyOf: - type: object properties: mappingBehavior: type: string enum: - one-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. required: - mappingBehavior additionalProperties: false - type: object properties: mappingBehavior: type: string enum: - many-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. secretName: type: string minLength: 1 maxLength: 256 description: The secret name in AWS Secrets Manager to sync to when using mapping behavior many-to-one. required: - mappingBehavior - secretName additionalProperties: false - type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. required: - region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Secrets Manager - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitHub destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitHub destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitHub destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - github name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - github destinationConfig: anyOf: - type: object properties: scope: type: string enum: - organization description: The GitHub scope that secrets should be synced to org: type: string minLength: 1 description: The name of the GitHub organization. visibility: type: string enum: - all - private - selected selectedRepositoryIds: type: array items: type: number required: - scope - org - visibility additionalProperties: false - type: object properties: scope: type: string enum: - repository description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. required: - scope - owner - repo additionalProperties: false - type: object properties: scope: type: string enum: - repository-environment description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. env: type: string minLength: 1 description: The name of the GitHub environment. required: - scope - owner - repo - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitHub - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the GCP Secret Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GCP Secret Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GCP Secret Manager destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gcp name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gcp-secret-manager destinationConfig: anyOf: - type: object properties: scope: type: string enum: - global description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. required: - scope - projectId additionalProperties: false title: Global - type: object properties: scope: type: string enum: - region description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. locationId: type: string enum: - asia-southeast3 - asia-south2 - asia-east2 - asia-southeast2 - australia-southeast2 - asia-south1 - asia-northeast2 - asia-northeast3 - asia-southeast1 - australia-southeast1 - asia-east1 - asia-northeast1 - europe-west1 - europe-west10 - europe-north1 - europe-north2 - europe-west3 - europe-west2 - europe-southwest1 - europe-west8 - europe-west4 - europe-west12 - europe-west9 - europe-central2 - europe-west6 - us-central1 - us-west4 - us-west2 - northamerica-south1 - northamerica-northeast1 - us-east4 - us-central2 - us-west1 - us-west3 - us-east1 - northamerica-northeast2 - us-east5 - us-south1 - us-west8 - southamerica-east1 - southamerica-west1 - me-central2 - me-central1 - me-west1 - africa-south1 description: The ID of the Google project location secrets should be synced to (ie "us-west4"). required: - scope - projectId - locationId additionalProperties: false title: Region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GCP Secret Manager - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure Key Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure Key Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure Key Vault destination when syncing. disableCertificateImport: type: boolean description: Whether Infisical should skip importing certificate objects from Azure Key Vault when syncing secrets. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-key-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-key-vault destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri minLength: 1 description: 'The base URL of the Azure Key Vault to sync secrets to. Example: https://example.vault.azure.net/' required: - vaultBaseUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Key Vault - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure App Configuration destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure App Configuration destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure App Configuration destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-app-configuration name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-app-configuration destinationConfig: type: object properties: configurationUrl: type: string minLength: 1 description: 'The URL of the Azure App Configuration to sync secrets to. Example: https://example.azconfig.io/' label: type: string description: An optional label to assign to secrets created in Azure App Configuration. required: - configurationUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure App Configuration - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure DevOps destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure DevOps destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure DevOps destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-devops name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-devops destinationConfig: type: object properties: devopsProjectId: type: string minLength: 1 description: The ID of the Azure DevOps project to sync secrets to. devopsProjectName: type: string description: The name of the Azure DevOps project to sync secrets to. required: - devopsProjectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure DevOps - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Databricks destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Databricks destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Databricks destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - databricks destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Databricks secret scope that secrets should be synced to. required: - scope additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Databricks - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Humanitec destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Humanitec destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Humanitec destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - humanitec name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - humanitec destinationConfig: anyOf: - type: object properties: scope: type: string enum: - application description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. required: - scope - org - app additionalProperties: false - type: object properties: scope: type: string enum: - environment description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. env: type: string minLength: 1 description: The ID of the Humanitec environment to sync secrets to. required: - scope - org - app - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Humanitec - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Terraform Cloud destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Terraform Cloud destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Terraform Cloud destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - terraform-cloud name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - terraform-cloud destinationConfig: anyOf: - type: object properties: scope: type: string enum: - variable-set description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. variableSetName: type: string minLength: 1 description: The name of the Terraform Cloud Variable Set to sync secrets to. variableSetId: type: string minLength: 1 description: The ID of the Terraform Cloud Variable Set to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - variableSetName - variableSetId - category additionalProperties: false - type: object properties: scope: type: string enum: - workspace description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. workspaceName: type: string minLength: 1 description: The name of the Terraform Cloud workspace to sync secrets to. workspaceId: type: string minLength: 1 description: The ID of the Terraform Cloud workspace to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - workspaceName - workspaceId - category additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Terraform Cloud - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Camunda destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Camunda destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Camunda destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - camunda name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - camunda destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Camunda scope that secrets should be synced to. clusterUUID: type: string minLength: 1 description: The UUID of the Camunda cluster that secrets should be synced to. required: - scope - clusterUUID additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Camunda - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Vercel destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Vercel destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Vercel destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - vercel name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - vercel destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project app: type: string minLength: 1 description: The ID of the Vercel app to sync secrets to. appName: type: string minLength: 1 description: The name of the Vercel app to sync secrets to. env: anyOf: - type: string enum: - development - preview - production - type: string description: The ID of the Vercel environment to sync secrets to. branch: type: string description: The branch to sync preview secrets to. teamId: type: string description: The ID of the Vercel team to sync secrets to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - app - appName - env - teamId additionalProperties: false - type: object properties: scope: type: string enum: - team teamId: type: string minLength: 1 description: The ID of the Vercel team to sync secrets to. teamName: type: string description: The name of the team to sync the secrets to. This is an optional field only intended for display purposes. targetEnvironments: type: array items: type: string enum: - development - preview - production default: [] description: An optional array of Vercel default environments (development, preview, production) to add shared environment variables to. applyToAllCustomEnvironments: type: boolean default: false description: Whether to apply shared environment variables to all custom environments in the team. targetProjects: type: array items: type: string description: An optional array of Vercel projects to add shared environment variables to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - teamId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Vercel - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Windmill destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Windmill destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Windmill destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - windmill name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - windmill destinationConfig: type: object properties: workspace: type: string minLength: 1 description: The Windmill workspace to sync secrets to. path: type: string minLength: 1 description: The Windmill workspace path to sync secrets to. required: - workspace - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Windmill - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Hashicorp Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Hashicorp Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Hashicorp Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - hashicorp-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - hashicorp-vault destinationConfig: type: object properties: mount: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault Secrets Engine Mount to sync secrets to. path: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault path to sync secrets to. required: - mount - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Hashicorp Vault - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the TeamCity destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the TeamCity destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the TeamCity destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - teamcity name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - teamcity destinationConfig: type: object properties: project: type: string minLength: 1 description: The TeamCity project to sync secrets to. buildConfig: type: string description: The TeamCity build configuration to sync secrets to. required: - project additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: TeamCity - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OCI Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OCI Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OCI Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - oci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - oci-vault destinationConfig: type: object properties: compartmentOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the compartment where the vault is located. vaultOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the vault to sync secrets to. keyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the encryption key to use when creating secrets in the vault. required: - compartmentOcid - vaultOcid - keyOcid additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OCI Vault - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the 1Password destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the 1Password destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the 1Password destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - 1password name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - 1password destinationConfig: type: object properties: vaultId: type: string minLength: 1 description: The ID of the 1Password vault to sync secrets to. valueLabel: type: string description: The label of the entry that holds the secret value. required: - vaultId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: 1Password - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Heroku destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Heroku destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Heroku destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - heroku name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - heroku destinationConfig: type: object properties: app: type: string minLength: 1 description: The ID of the Heroku app to sync secrets to. appName: type: string minLength: 1 description: The name of the Heroku app to sync secrets to. required: - app - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Heroku - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Render destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Render destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Render destination when syncing. autoRedeployServices: type: boolean description: Whether Infisical should automatically redeploy the configured Render service upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - render name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - render destinationConfig: anyOf: - type: object properties: scope: type: string enum: - service description: The Render scope that secrets should be synced to. serviceId: type: string minLength: 1 description: The ID of the Render service to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - serviceId - type additionalProperties: false - type: object properties: scope: type: string enum: - environment-group description: The Render scope that secrets should be synced to. environmentGroupId: type: string minLength: 1 description: The ID of the Render environment group to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - environmentGroupId - type additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Render - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Fly.io destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Fly.io destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Fly.io destination when syncing. autoRedeploy: type: boolean description: Whether Infisical should automatically redeploy the configured Fly.io app upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - flyio name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - flyio destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 description: The ID of the Fly.io app to sync secrets to. required: - appId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Fly.io - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitLab destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitLab destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitLab destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gitlab destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project description: 'The GitLab scope that secrets should be synced to. (default: project)' projectId: type: string minLength: 1 description: The GitLab Project ID to sync secrets to. projectName: type: string minLength: 1 description: The GitLab Project Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - projectId - projectName additionalProperties: false - type: object properties: scope: type: string enum: - group description: 'The GitLab scope that secrets should be synced to. (default: project)' groupId: type: string minLength: 1 description: The GitLab Group ID to sync secrets to. groupName: type: string minLength: 1 description: The GitLab Group Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - groupId - groupName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitLab - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Pages destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Pages destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Pages destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-pages destinationConfig: type: object properties: projectName: type: string minLength: 1 description: The name of the Cloudflare Pages project to sync secrets to. environment: type: string minLength: 1 description: The environment of the Cloudflare Pages project to sync secrets to. required: - projectName - environment additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Pages - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Workers destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Workers destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Workers destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-workers destinationConfig: type: object properties: scriptId: type: string minLength: 1 maxLength: 64 description: The ID of the Cloudflare Workers script to sync secrets to. required: - scriptId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Workers - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Supabase destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Supabase destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Supabase destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - supabase destinationConfig: type: object properties: projectId: type: string maxLength: 255 minLength: 1 projectName: type: string maxLength: 255 minLength: 1 required: - projectId - projectName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Supabase - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Zabbix destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Zabbix destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Zabbix destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - zabbix name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - zabbix destinationConfig: anyOf: - type: object properties: scope: type: string enum: - host description: The Zabbix scope that secrets should be synced to. hostId: type: string minLength: 1 maxLength: 255 description: The ID of the Zabbix host to sync secrets to. hostName: type: string minLength: 1 maxLength: 255 description: The name of the Zabbix host to sync secrets to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - hostId - hostName - macroType additionalProperties: false - type: object properties: scope: type: string enum: - global description: The Zabbix scope that secrets should be synced to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - macroType additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Zabbix - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Railway destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Railway destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Railway destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - railway name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - railway destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Railway project to sync secrets to. projectName: type: string description: The name of the Railway project to sync secrets to. environmentId: type: string minLength: 1 description: The Railway environment to sync secrets to. environmentName: type: string description: The Railway environment to sync secrets to. serviceId: type: string description: The Railway service that secrets should be synced to. serviceName: type: string description: The Railway service that secrets should be synced to. required: - projectId - projectName - environmentId - environmentName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Railway - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Checkly destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Checkly destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Checkly destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - checkly name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - checkly destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 accountName: type: string minLength: 1 maxLength: 255 groupId: type: string minLength: 1 maxLength: 255 groupName: type: string minLength: 1 maxLength: 255 required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Checkly - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Digital Ocean App Platform destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Digital Ocean App Platform destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Digital Ocean App Platform destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - digital-ocean name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - digital-ocean-app-platform destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 appName: type: string minLength: 1 maxLength: 255 required: - appId - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Digital Ocean App Platform - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Netlify destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Netlify destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Netlify destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - netlify name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - netlify destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify account to sync secrets to. accountName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify account to sync secrets to. siteId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify site to sync secrets to. siteName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify site to sync secrets to. context: type: string enum: - all - deploy-preview - production - branch-deploy - dev - branch description: The Netlify context to sync secrets to. required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Netlify - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Northflank destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Northflank destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Northflank destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - northflank name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - northflank destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Northflank project to sync secrets to. projectName: type: string description: The name of the Northflank project to sync secrets to. secretGroupId: type: string minLength: 1 description: The ID of the Northflank secret group to sync secrets to. secretGroupName: type: string description: The name of the Northflank secret group to sync secrets to. required: - projectId - secretGroupId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Northflank - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Bitbucket destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Bitbucket destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Bitbucket destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - bitbucket destinationConfig: type: object properties: repositorySlug: type: string description: The Bitbucket Repository slug to sync secrets to. environmentId: type: string description: The Bitbucket Deployment Environment uuid to sync secrets to. workspaceSlug: type: string description: The Bitbucket Workspace slug to sync secrets to. required: - repositorySlug - workspaceSlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Bitbucket - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Laravel Forge destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Laravel Forge destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Laravel Forge destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - laravel-forge name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - laravel-forge destinationConfig: type: object properties: orgSlug: type: string minLength: 1 maxLength: 512 description: The slug of the Laravel Forge org to sync secrets to. orgName: type: string description: The name of the Laravel Forge org to sync secrets to. serverId: type: string minLength: 1 description: The ID of the Laravel Forge server to sync secrets to. serverName: type: string description: The name of the Laravel Forge server to sync secrets to. siteId: type: string minLength: 1 description: The ID of the Laravel Forge site to sync secrets to. siteName: type: string description: The name of the Laravel Forge site to sync secrets to. required: - orgSlug - serverId - siteId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Laravel Forge - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Chef destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Chef destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Chef destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - chef name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - chef destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag to sync secrets to. dataBagItemName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag item to sync secrets to. required: - dataBagName - dataBagItemName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Chef - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Octopus Deploy destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Octopus Deploy destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Octopus Deploy destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - octopus-deploy name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - octopus-deploy destinationConfig: allOf: - type: object properties: spaceId: type: string minLength: 1 description: The ID of the Octopus Deploy space to sync secrets to. spaceName: type: string description: The name of the Octopus Deploy space to sync secrets to. scope: type: string enum: - project default: project required: - spaceId - anyOf: - type: object properties: scope: type: string enum: - project projectId: type: string minLength: 1 description: The ID of the Octopus Deploy project to sync secrets to. projectName: type: string description: The name of the Octopus Deploy project to sync secrets to. scopeValues: type: object properties: environments: type: array items: type: string roles: type: array items: type: string machines: type: array items: type: string processes: type: array items: type: string actions: type: array items: type: string channels: type: array items: type: string additionalProperties: false description: The Octopus Deploy scope values that secrets should be synced to. required: - scope - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Octopus Deploy - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the CircleCI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the CircleCI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the CircleCI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - circleci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - circleci destinationConfig: type: object properties: orgName: type: string minLength: 1 projectName: type: string minLength: 1 projectId: type: string minLength: 1 required: - orgName - projectName - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: CircleCI - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure Entra ID SCIM destination. keySchema: type: string description: Not supported for Azure Entra ID SCIM syncs. disableSecretDeletion: anyOf: - type: boolean enum: - false - not: {} description: Not supported for Azure Entra ID SCIM syncs. secretId: type: string format: uuid description: The ID of the Infisical secret whose value will be used as the SCIM provisioning token. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-entra-id name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-entra-id-scim destinationConfig: type: object properties: servicePrincipalId: type: string format: uuid minLength: 1 description: The Object ID of the Azure Entra ID Enterprise Application service principal to sync the SCIM token to. servicePrincipalDisplayName: type: string description: The display name of the Azure Entra ID Enterprise Application service principal. required: - servicePrincipalId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Entra ID SCIM - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Infisical destination. keySchema: type: string description: Not supported for Infisical syncs. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Infisical destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - external-infisical name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - external-infisical destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the project on the external Infisical instance to sync secrets to. environment: type: string minLength: 1 description: The environment slug on the external Infisical instance to sync secrets to. secretPath: type: string minLength: 1 description: The secret path on the external Infisical instance to sync secrets to. required: - projectId - environment - secretPath additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Infisical - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OVH destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OVH destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OVH destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ovh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ovh destinationConfig: type: object properties: path: type: string minLength: 1 maxLength: 128 description: The path in OVH OKMS where secrets will be stored as key/value pairs. required: - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OVH - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Devin destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Devin destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Devin destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - devin name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - devin destinationConfig: type: object properties: orgId: type: string minLength: 1 pattern: ^org\- description: The Devin organization ID to sync secrets to. required: - orgId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Devin - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Ona destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Ona destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Ona destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ona name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ona destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The Ona project ID to sync secrets to. projectName: type: string description: An optional display name for the Ona project. required: - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Ona - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Travis CI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Travis CI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Travis CI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - travis-ci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - travis-ci destinationConfig: type: object properties: repositoryId: type: string minLength: 1 description: The ID of the Travis CI repository to sync secrets to. repositorySlug: type: string minLength: 1 description: The slug (owner/repo) of the Travis CI repository to sync secrets to. branch: type: string minLength: 1 description: The branch of the Travis CI repository to sync secrets to. If omitted, secrets sync to the repository-level scope. required: - repositoryId - repositorySlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Travis CI - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Snowflake destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Snowflake destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Snowflake destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - snowflake name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - snowflake destinationConfig: type: object properties: database: type: string minLength: 1 description: The name of the Snowflake database to sync secrets to. schema: type: string minLength: 1 description: The name of the Snowflake schema (within the database) to sync secrets to. required: - database - schema additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Snowflake required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/aws-parameter-store: get: operationId: listAwsParameterStoreSecretSyncs tags: - Secret Syncs description: List the AWS Parameter Store Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list AWS Parameter Store Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Parameter Store destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Parameter Store destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Parameter Store destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional resource tags to add to parameters synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as resource tags to parameters synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-parameter-store destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. path: type: string minLength: 1 maxLength: 2048 description: The Parameter Store path to sync secrets to. required: - region - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Parameter Store required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAwsParameterStoreSecretSync tags: - Secret Syncs description: Create an AWS Parameter Store Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the AWS Parameter Store Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the AWS Parameter Store Sync. connectionId: type: string format: uuid description: The ID of the AWS Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Parameter Store destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Parameter Store destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Parameter Store destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional resource tags to add to parameters synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as resource tags to parameters synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. path: type: string minLength: 1 maxLength: 2048 description: The Parameter Store path to sync secrets to. required: - region - path additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Parameter Store destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Parameter Store destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Parameter Store destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional resource tags to add to parameters synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as resource tags to parameters synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-parameter-store destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. path: type: string minLength: 1 maxLength: 2048 description: The Parameter Store path to sync secrets to. required: - region - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Parameter Store required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/aws-parameter-store/{syncId}: get: operationId: getAwsParameterStoreSecretSync tags: - Secret Syncs description: Get the specified AWS Parameter Store Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the AWS Parameter Store Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Parameter Store destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Parameter Store destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Parameter Store destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional resource tags to add to parameters synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as resource tags to parameters synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-parameter-store destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. path: type: string minLength: 1 maxLength: 2048 description: The Parameter Store path to sync secrets to. required: - region - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Parameter Store required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAwsParameterStoreSecretSync tags: - Secret Syncs description: Update the specified AWS Parameter Store Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the AWS Parameter Store Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the AWS Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the AWS Parameter Store Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Parameter Store destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Parameter Store destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Parameter Store destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional resource tags to add to parameters synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as resource tags to parameters synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. path: type: string minLength: 1 maxLength: 2048 description: The Parameter Store path to sync secrets to. required: - region - path additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the AWS Parameter Store Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Parameter Store destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Parameter Store destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Parameter Store destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional resource tags to add to parameters synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as resource tags to parameters synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-parameter-store destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. path: type: string minLength: 1 maxLength: 2048 description: The Parameter Store path to sync secrets to. required: - region - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Parameter Store required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAwsParameterStoreSecretSync tags: - Secret Syncs description: Delete the specified AWS Parameter Store Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the AWS Parameter Store Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Parameter Store destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Parameter Store destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Parameter Store destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional resource tags to add to parameters synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as resource tags to parameters synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-parameter-store destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. path: type: string minLength: 1 maxLength: 2048 description: The Parameter Store path to sync secrets to. required: - region - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Parameter Store required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/aws-parameter-store/sync-name/{syncName}: get: operationId: getAwsParameterStoreSecretSyncByName tags: - Secret Syncs description: Get the specified AWS Parameter Store Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the AWS Parameter Store Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the AWS Parameter Store Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Parameter Store destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Parameter Store destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Parameter Store destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional resource tags to add to parameters synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as resource tags to parameters synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-parameter-store destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. path: type: string minLength: 1 maxLength: 2048 description: The Parameter Store path to sync secrets to. required: - region - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Parameter Store required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/aws-parameter-store/{syncId}/sync-secrets: post: operationId: syncAwsParameterStoreSecretSync tags: - Secret Syncs description: Trigger a sync for the specified AWS Parameter Store Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the AWS Parameter Store Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Parameter Store destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Parameter Store destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Parameter Store destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional resource tags to add to parameters synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as resource tags to parameters synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-parameter-store destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. path: type: string minLength: 1 maxLength: 2048 description: The Parameter Store path to sync secrets to. required: - region - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Parameter Store required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/aws-parameter-store/{syncId}/import-secrets: post: operationId: importAwsParameterStoreSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified AWS Parameter Store Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or AWS Parameter Store. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the AWS Parameter Store Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Parameter Store destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Parameter Store destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Parameter Store destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional resource tags to add to parameters synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as resource tags to parameters synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-parameter-store destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. path: type: string minLength: 1 maxLength: 2048 description: The Parameter Store path to sync secrets to. required: - region - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Parameter Store required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/aws-parameter-store/{syncId}/remove-secrets: post: operationId: removeAwsParameterStoreSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified AWS Parameter Store Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the AWS Parameter Store Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Parameter Store destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Parameter Store destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Parameter Store destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional resource tags to add to parameters synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as resource tags to parameters synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-parameter-store destinationConfig: type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. path: type: string minLength: 1 maxLength: 2048 description: The Parameter Store path to sync secrets to. required: - region - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Parameter Store required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/aws-secrets-manager: get: operationId: listAwsSecretsManagerSecretSyncs tags: - Secret Syncs description: List the AWS Secrets Manager Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list AWS Secrets Manager Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Secrets Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Secrets Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Secrets Manager destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional tags to add to secrets synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as tags to secrets synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-secrets-manager destinationConfig: allOf: - anyOf: - type: object properties: mappingBehavior: type: string enum: - one-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. required: - mappingBehavior additionalProperties: false - type: object properties: mappingBehavior: type: string enum: - many-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. secretName: type: string minLength: 1 maxLength: 256 description: The secret name in AWS Secrets Manager to sync to when using mapping behavior many-to-one. required: - mappingBehavior - secretName additionalProperties: false - type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. required: - region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Secrets Manager required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAwsSecretsManagerSecretSync tags: - Secret Syncs description: Create an AWS Secrets Manager Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the AWS Secrets Manager Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the AWS Secrets Manager Sync. connectionId: type: string format: uuid description: The ID of the AWS Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Secrets Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Secrets Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Secrets Manager destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional tags to add to secrets synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as tags to secrets synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: allOf: - anyOf: - type: object properties: mappingBehavior: type: string enum: - one-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. required: - mappingBehavior additionalProperties: false - type: object properties: mappingBehavior: type: string enum: - many-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. secretName: type: string minLength: 1 maxLength: 256 description: The secret name in AWS Secrets Manager to sync to when using mapping behavior many-to-one. required: - mappingBehavior - secretName additionalProperties: false - type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. required: - region required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Secrets Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Secrets Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Secrets Manager destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional tags to add to secrets synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as tags to secrets synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-secrets-manager destinationConfig: allOf: - anyOf: - type: object properties: mappingBehavior: type: string enum: - one-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. required: - mappingBehavior additionalProperties: false - type: object properties: mappingBehavior: type: string enum: - many-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. secretName: type: string minLength: 1 maxLength: 256 description: The secret name in AWS Secrets Manager to sync to when using mapping behavior many-to-one. required: - mappingBehavior - secretName additionalProperties: false - type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. required: - region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Secrets Manager required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/aws-secrets-manager/{syncId}: get: operationId: getAwsSecretsManagerSecretSync tags: - Secret Syncs description: Get the specified AWS Secrets Manager Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the AWS Secrets Manager Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Secrets Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Secrets Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Secrets Manager destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional tags to add to secrets synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as tags to secrets synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-secrets-manager destinationConfig: allOf: - anyOf: - type: object properties: mappingBehavior: type: string enum: - one-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. required: - mappingBehavior additionalProperties: false - type: object properties: mappingBehavior: type: string enum: - many-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. secretName: type: string minLength: 1 maxLength: 256 description: The secret name in AWS Secrets Manager to sync to when using mapping behavior many-to-one. required: - mappingBehavior - secretName additionalProperties: false - type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. required: - region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Secrets Manager required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAwsSecretsManagerSecretSync tags: - Secret Syncs description: Update the specified AWS Secrets Manager Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the AWS Secrets Manager Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the AWS Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the AWS Secrets Manager Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Secrets Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Secrets Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Secrets Manager destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional tags to add to secrets synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as tags to secrets synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: allOf: - anyOf: - type: object properties: mappingBehavior: type: string enum: - one-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. required: - mappingBehavior additionalProperties: false - type: object properties: mappingBehavior: type: string enum: - many-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. secretName: type: string minLength: 1 maxLength: 256 description: The secret name in AWS Secrets Manager to sync to when using mapping behavior many-to-one. required: - mappingBehavior - secretName additionalProperties: false - type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. required: - region additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the AWS Secrets Manager Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Secrets Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Secrets Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Secrets Manager destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional tags to add to secrets synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as tags to secrets synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-secrets-manager destinationConfig: allOf: - anyOf: - type: object properties: mappingBehavior: type: string enum: - one-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. required: - mappingBehavior additionalProperties: false - type: object properties: mappingBehavior: type: string enum: - many-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. secretName: type: string minLength: 1 maxLength: 256 description: The secret name in AWS Secrets Manager to sync to when using mapping behavior many-to-one. required: - mappingBehavior - secretName additionalProperties: false - type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. required: - region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Secrets Manager required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAwsSecretsManagerSecretSync tags: - Secret Syncs description: Delete the specified AWS Secrets Manager Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the AWS Secrets Manager Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Secrets Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Secrets Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Secrets Manager destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional tags to add to secrets synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as tags to secrets synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-secrets-manager destinationConfig: allOf: - anyOf: - type: object properties: mappingBehavior: type: string enum: - one-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. required: - mappingBehavior additionalProperties: false - type: object properties: mappingBehavior: type: string enum: - many-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. secretName: type: string minLength: 1 maxLength: 256 description: The secret name in AWS Secrets Manager to sync to when using mapping behavior many-to-one. required: - mappingBehavior - secretName additionalProperties: false - type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. required: - region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Secrets Manager required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/aws-secrets-manager/sync-name/{syncName}: get: operationId: getAwsSecretsManagerSecretSyncByName tags: - Secret Syncs description: Get the specified AWS Secrets Manager Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the AWS Secrets Manager Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the AWS Secrets Manager Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Secrets Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Secrets Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Secrets Manager destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional tags to add to secrets synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as tags to secrets synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-secrets-manager destinationConfig: allOf: - anyOf: - type: object properties: mappingBehavior: type: string enum: - one-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. required: - mappingBehavior additionalProperties: false - type: object properties: mappingBehavior: type: string enum: - many-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. secretName: type: string minLength: 1 maxLength: 256 description: The secret name in AWS Secrets Manager to sync to when using mapping behavior many-to-one. required: - mappingBehavior - secretName additionalProperties: false - type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. required: - region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Secrets Manager required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/aws-secrets-manager/{syncId}/sync-secrets: post: operationId: syncAwsSecretsManagerSecretSync tags: - Secret Syncs description: Trigger a sync for the specified AWS Secrets Manager Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the AWS Secrets Manager Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Secrets Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Secrets Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Secrets Manager destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional tags to add to secrets synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as tags to secrets synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-secrets-manager destinationConfig: allOf: - anyOf: - type: object properties: mappingBehavior: type: string enum: - one-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. required: - mappingBehavior additionalProperties: false - type: object properties: mappingBehavior: type: string enum: - many-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. secretName: type: string minLength: 1 maxLength: 256 description: The secret name in AWS Secrets Manager to sync to when using mapping behavior many-to-one. required: - mappingBehavior - secretName additionalProperties: false - type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. required: - region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Secrets Manager required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/aws-secrets-manager/{syncId}/import-secrets: post: operationId: importAwsSecretsManagerSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified AWS Secrets Manager Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or AWS Secrets Manager. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the AWS Secrets Manager Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Secrets Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Secrets Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Secrets Manager destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional tags to add to secrets synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as tags to secrets synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-secrets-manager destinationConfig: allOf: - anyOf: - type: object properties: mappingBehavior: type: string enum: - one-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. required: - mappingBehavior additionalProperties: false - type: object properties: mappingBehavior: type: string enum: - many-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. secretName: type: string minLength: 1 maxLength: 256 description: The secret name in AWS Secrets Manager to sync to when using mapping behavior many-to-one. required: - mappingBehavior - secretName additionalProperties: false - type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. required: - region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Secrets Manager required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/aws-secrets-manager/{syncId}/remove-secrets: post: operationId: removeAwsSecretsManagerSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified AWS Secrets Manager Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the AWS Secrets Manager Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the AWS Secrets Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the AWS Secrets Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the AWS Secrets Manager destination when syncing. keyId: type: string minLength: 1 maxLength: 256 description: The AWS KMS key ID or alias to use when encrypting parameters synced by Infisical. tags: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 128 value: type: string maxLength: 256 required: - key - value additionalProperties: false maxItems: 50 description: Optional tags to add to secrets synced by Infisical. syncSecretMetadataAsTags: type: boolean description: Whether Infisical secret metadata should be added as tags to secrets synced by Infisical. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - aws-secrets-manager destinationConfig: allOf: - anyOf: - type: object properties: mappingBehavior: type: string enum: - one-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. required: - mappingBehavior additionalProperties: false - type: object properties: mappingBehavior: type: string enum: - many-to-one description: How secrets from Infisical should be mapped to AWS Secrets Manager; one-to-one or many-to-one. secretName: type: string minLength: 1 maxLength: 256 description: The secret name in AWS Secrets Manager to sync to when using mapping behavior many-to-one. required: - mappingBehavior - secretName additionalProperties: false - type: object properties: region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to sync secrets to. required: - region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: AWS Secrets Manager required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/github: get: operationId: listGitHubSecretSyncs tags: - Secret Syncs description: List the GitHub Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list GitHub Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitHub destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitHub destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitHub destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - github name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - github destinationConfig: anyOf: - type: object properties: scope: type: string enum: - organization description: The GitHub scope that secrets should be synced to org: type: string minLength: 1 description: The name of the GitHub organization. visibility: type: string enum: - all - private - selected selectedRepositoryIds: type: array items: type: number required: - scope - org - visibility additionalProperties: false - type: object properties: scope: type: string enum: - repository description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. required: - scope - owner - repo additionalProperties: false - type: object properties: scope: type: string enum: - repository-environment description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. env: type: string minLength: 1 description: The name of the GitHub environment. required: - scope - owner - repo - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitHub required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createGitHubSecretSync tags: - Secret Syncs description: Create a GitHub Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the GitHub Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the GitHub Sync. connectionId: type: string format: uuid description: The ID of the GitHub Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitHub destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitHub destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitHub destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: anyOf: - type: object properties: scope: type: string enum: - organization description: The GitHub scope that secrets should be synced to org: type: string minLength: 1 description: The name of the GitHub organization. visibility: type: string enum: - all - private - selected selectedRepositoryIds: type: array items: type: number required: - scope - org - visibility additionalProperties: false - type: object properties: scope: type: string enum: - repository description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. required: - scope - owner - repo additionalProperties: false - type: object properties: scope: type: string enum: - repository-environment description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. env: type: string minLength: 1 description: The name of the GitHub environment. required: - scope - owner - repo - env additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitHub destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitHub destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitHub destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - github name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - github destinationConfig: anyOf: - type: object properties: scope: type: string enum: - organization description: The GitHub scope that secrets should be synced to org: type: string minLength: 1 description: The name of the GitHub organization. visibility: type: string enum: - all - private - selected selectedRepositoryIds: type: array items: type: number required: - scope - org - visibility additionalProperties: false - type: object properties: scope: type: string enum: - repository description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. required: - scope - owner - repo additionalProperties: false - type: object properties: scope: type: string enum: - repository-environment description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. env: type: string minLength: 1 description: The name of the GitHub environment. required: - scope - owner - repo - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitHub required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/github/{syncId}: get: operationId: getGitHubSecretSync tags: - Secret Syncs description: Get the specified GitHub Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GitHub Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitHub destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitHub destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitHub destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - github name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - github destinationConfig: anyOf: - type: object properties: scope: type: string enum: - organization description: The GitHub scope that secrets should be synced to org: type: string minLength: 1 description: The name of the GitHub organization. visibility: type: string enum: - all - private - selected selectedRepositoryIds: type: array items: type: number required: - scope - org - visibility additionalProperties: false - type: object properties: scope: type: string enum: - repository description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. required: - scope - owner - repo additionalProperties: false - type: object properties: scope: type: string enum: - repository-environment description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. env: type: string minLength: 1 description: The name of the GitHub environment. required: - scope - owner - repo - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitHub required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateGitHubSecretSync tags: - Secret Syncs description: Update the specified GitHub Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the GitHub Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the GitHub Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the GitHub Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitHub destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitHub destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitHub destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: anyOf: - type: object properties: scope: type: string enum: - organization description: The GitHub scope that secrets should be synced to org: type: string minLength: 1 description: The name of the GitHub organization. visibility: type: string enum: - all - private - selected selectedRepositoryIds: type: array items: type: number required: - scope - org - visibility additionalProperties: false - type: object properties: scope: type: string enum: - repository description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. required: - scope - owner - repo additionalProperties: false - type: object properties: scope: type: string enum: - repository-environment description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. env: type: string minLength: 1 description: The name of the GitHub environment. required: - scope - owner - repo - env additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GitHub Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitHub destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitHub destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitHub destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - github name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - github destinationConfig: anyOf: - type: object properties: scope: type: string enum: - organization description: The GitHub scope that secrets should be synced to org: type: string minLength: 1 description: The name of the GitHub organization. visibility: type: string enum: - all - private - selected selectedRepositoryIds: type: array items: type: number required: - scope - org - visibility additionalProperties: false - type: object properties: scope: type: string enum: - repository description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. required: - scope - owner - repo additionalProperties: false - type: object properties: scope: type: string enum: - repository-environment description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. env: type: string minLength: 1 description: The name of the GitHub environment. required: - scope - owner - repo - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitHub required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteGitHubSecretSync tags: - Secret Syncs description: Delete the specified GitHub Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GitHub Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitHub destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitHub destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitHub destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - github name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - github destinationConfig: anyOf: - type: object properties: scope: type: string enum: - organization description: The GitHub scope that secrets should be synced to org: type: string minLength: 1 description: The name of the GitHub organization. visibility: type: string enum: - all - private - selected selectedRepositoryIds: type: array items: type: number required: - scope - org - visibility additionalProperties: false - type: object properties: scope: type: string enum: - repository description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. required: - scope - owner - repo additionalProperties: false - type: object properties: scope: type: string enum: - repository-environment description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. env: type: string minLength: 1 description: The name of the GitHub environment. required: - scope - owner - repo - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitHub required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/github/sync-name/{syncName}: get: operationId: getGitHubSecretSyncByName tags: - Secret Syncs description: Get the specified GitHub Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the GitHub Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the GitHub Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitHub destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitHub destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitHub destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - github name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - github destinationConfig: anyOf: - type: object properties: scope: type: string enum: - organization description: The GitHub scope that secrets should be synced to org: type: string minLength: 1 description: The name of the GitHub organization. visibility: type: string enum: - all - private - selected selectedRepositoryIds: type: array items: type: number required: - scope - org - visibility additionalProperties: false - type: object properties: scope: type: string enum: - repository description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. required: - scope - owner - repo additionalProperties: false - type: object properties: scope: type: string enum: - repository-environment description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. env: type: string minLength: 1 description: The name of the GitHub environment. required: - scope - owner - repo - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitHub required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/github/{syncId}/sync-secrets: post: operationId: syncGitHubSecretSync tags: - Secret Syncs description: Trigger a sync for the specified GitHub Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GitHub Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitHub destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitHub destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitHub destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - github name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - github destinationConfig: anyOf: - type: object properties: scope: type: string enum: - organization description: The GitHub scope that secrets should be synced to org: type: string minLength: 1 description: The name of the GitHub organization. visibility: type: string enum: - all - private - selected selectedRepositoryIds: type: array items: type: number required: - scope - org - visibility additionalProperties: false - type: object properties: scope: type: string enum: - repository description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. required: - scope - owner - repo additionalProperties: false - type: object properties: scope: type: string enum: - repository-environment description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. env: type: string minLength: 1 description: The name of the GitHub environment. required: - scope - owner - repo - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitHub required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/github/{syncId}/import-secrets: post: operationId: importGitHubSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified GitHub Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or GitHub. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GitHub Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitHub destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitHub destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitHub destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - github name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - github destinationConfig: anyOf: - type: object properties: scope: type: string enum: - organization description: The GitHub scope that secrets should be synced to org: type: string minLength: 1 description: The name of the GitHub organization. visibility: type: string enum: - all - private - selected selectedRepositoryIds: type: array items: type: number required: - scope - org - visibility additionalProperties: false - type: object properties: scope: type: string enum: - repository description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. required: - scope - owner - repo additionalProperties: false - type: object properties: scope: type: string enum: - repository-environment description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. env: type: string minLength: 1 description: The name of the GitHub environment. required: - scope - owner - repo - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitHub required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/github/{syncId}/remove-secrets: post: operationId: removeGitHubSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified GitHub Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GitHub Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitHub destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitHub destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitHub destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - github name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - github destinationConfig: anyOf: - type: object properties: scope: type: string enum: - organization description: The GitHub scope that secrets should be synced to org: type: string minLength: 1 description: The name of the GitHub organization. visibility: type: string enum: - all - private - selected selectedRepositoryIds: type: array items: type: number required: - scope - org - visibility additionalProperties: false - type: object properties: scope: type: string enum: - repository description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. required: - scope - owner - repo additionalProperties: false - type: object properties: scope: type: string enum: - repository-environment description: The GitHub scope that secrets should be synced to owner: type: string minLength: 1 description: The name of the GitHub account owner of the repository. repo: type: string minLength: 1 description: The name of the GitHub repository. env: type: string minLength: 1 description: The name of the GitHub environment. required: - scope - owner - repo - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitHub required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/gcp-secret-manager: get: operationId: listGcpSecretManagerSecretSyncs tags: - Secret Syncs description: List the GCP Secret Manager Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list GCP Secret Manager Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the GCP Secret Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GCP Secret Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GCP Secret Manager destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gcp name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gcp-secret-manager destinationConfig: anyOf: - type: object properties: scope: type: string enum: - global description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. required: - scope - projectId additionalProperties: false title: Global - type: object properties: scope: type: string enum: - region description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. locationId: type: string enum: - asia-southeast3 - asia-south2 - asia-east2 - asia-southeast2 - australia-southeast2 - asia-south1 - asia-northeast2 - asia-northeast3 - asia-southeast1 - australia-southeast1 - asia-east1 - asia-northeast1 - europe-west1 - europe-west10 - europe-north1 - europe-north2 - europe-west3 - europe-west2 - europe-southwest1 - europe-west8 - europe-west4 - europe-west12 - europe-west9 - europe-central2 - europe-west6 - us-central1 - us-west4 - us-west2 - northamerica-south1 - northamerica-northeast1 - us-east4 - us-central2 - us-west1 - us-west3 - us-east1 - northamerica-northeast2 - us-east5 - us-south1 - us-west8 - southamerica-east1 - southamerica-west1 - me-central2 - me-central1 - me-west1 - africa-south1 description: The ID of the Google project location secrets should be synced to (ie "us-west4"). required: - scope - projectId - locationId additionalProperties: false title: Region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GCP Secret Manager required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createGcpSecretManagerSecretSync tags: - Secret Syncs description: Create a GCP Secret Manager Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the GCP Secret Manager Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the GCP Secret Manager Sync. connectionId: type: string format: uuid description: The ID of the GCP Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the GCP Secret Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GCP Secret Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GCP Secret Manager destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: anyOf: - type: object properties: scope: type: string enum: - global description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. required: - scope - projectId additionalProperties: false title: Global - type: object properties: scope: type: string enum: - region description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. locationId: type: string enum: - asia-southeast3 - asia-south2 - asia-east2 - asia-southeast2 - australia-southeast2 - asia-south1 - asia-northeast2 - asia-northeast3 - asia-southeast1 - australia-southeast1 - asia-east1 - asia-northeast1 - europe-west1 - europe-west10 - europe-north1 - europe-north2 - europe-west3 - europe-west2 - europe-southwest1 - europe-west8 - europe-west4 - europe-west12 - europe-west9 - europe-central2 - europe-west6 - us-central1 - us-west4 - us-west2 - northamerica-south1 - northamerica-northeast1 - us-east4 - us-central2 - us-west1 - us-west3 - us-east1 - northamerica-northeast2 - us-east5 - us-south1 - us-west8 - southamerica-east1 - southamerica-west1 - me-central2 - me-central1 - me-west1 - africa-south1 description: The ID of the Google project location secrets should be synced to (ie "us-west4"). required: - scope - projectId - locationId additionalProperties: false title: Region required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the GCP Secret Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GCP Secret Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GCP Secret Manager destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gcp name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gcp-secret-manager destinationConfig: anyOf: - type: object properties: scope: type: string enum: - global description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. required: - scope - projectId additionalProperties: false title: Global - type: object properties: scope: type: string enum: - region description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. locationId: type: string enum: - asia-southeast3 - asia-south2 - asia-east2 - asia-southeast2 - australia-southeast2 - asia-south1 - asia-northeast2 - asia-northeast3 - asia-southeast1 - australia-southeast1 - asia-east1 - asia-northeast1 - europe-west1 - europe-west10 - europe-north1 - europe-north2 - europe-west3 - europe-west2 - europe-southwest1 - europe-west8 - europe-west4 - europe-west12 - europe-west9 - europe-central2 - europe-west6 - us-central1 - us-west4 - us-west2 - northamerica-south1 - northamerica-northeast1 - us-east4 - us-central2 - us-west1 - us-west3 - us-east1 - northamerica-northeast2 - us-east5 - us-south1 - us-west8 - southamerica-east1 - southamerica-west1 - me-central2 - me-central1 - me-west1 - africa-south1 description: The ID of the Google project location secrets should be synced to (ie "us-west4"). required: - scope - projectId - locationId additionalProperties: false title: Region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GCP Secret Manager required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/gcp-secret-manager/{syncId}: get: operationId: getGcpSecretManagerSecretSync tags: - Secret Syncs description: Get the specified GCP Secret Manager Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GCP Secret Manager Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the GCP Secret Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GCP Secret Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GCP Secret Manager destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gcp name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gcp-secret-manager destinationConfig: anyOf: - type: object properties: scope: type: string enum: - global description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. required: - scope - projectId additionalProperties: false title: Global - type: object properties: scope: type: string enum: - region description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. locationId: type: string enum: - asia-southeast3 - asia-south2 - asia-east2 - asia-southeast2 - australia-southeast2 - asia-south1 - asia-northeast2 - asia-northeast3 - asia-southeast1 - australia-southeast1 - asia-east1 - asia-northeast1 - europe-west1 - europe-west10 - europe-north1 - europe-north2 - europe-west3 - europe-west2 - europe-southwest1 - europe-west8 - europe-west4 - europe-west12 - europe-west9 - europe-central2 - europe-west6 - us-central1 - us-west4 - us-west2 - northamerica-south1 - northamerica-northeast1 - us-east4 - us-central2 - us-west1 - us-west3 - us-east1 - northamerica-northeast2 - us-east5 - us-south1 - us-west8 - southamerica-east1 - southamerica-west1 - me-central2 - me-central1 - me-west1 - africa-south1 description: The ID of the Google project location secrets should be synced to (ie "us-west4"). required: - scope - projectId - locationId additionalProperties: false title: Region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GCP Secret Manager required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateGcpSecretManagerSecretSync tags: - Secret Syncs description: Update the specified GCP Secret Manager Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the GCP Secret Manager Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the GCP Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the GCP Secret Manager Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the GCP Secret Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GCP Secret Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GCP Secret Manager destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: anyOf: - type: object properties: scope: type: string enum: - global description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. required: - scope - projectId additionalProperties: false title: Global - type: object properties: scope: type: string enum: - region description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. locationId: type: string enum: - asia-southeast3 - asia-south2 - asia-east2 - asia-southeast2 - australia-southeast2 - asia-south1 - asia-northeast2 - asia-northeast3 - asia-southeast1 - australia-southeast1 - asia-east1 - asia-northeast1 - europe-west1 - europe-west10 - europe-north1 - europe-north2 - europe-west3 - europe-west2 - europe-southwest1 - europe-west8 - europe-west4 - europe-west12 - europe-west9 - europe-central2 - europe-west6 - us-central1 - us-west4 - us-west2 - northamerica-south1 - northamerica-northeast1 - us-east4 - us-central2 - us-west1 - us-west3 - us-east1 - northamerica-northeast2 - us-east5 - us-south1 - us-west8 - southamerica-east1 - southamerica-west1 - me-central2 - me-central1 - me-west1 - africa-south1 description: The ID of the Google project location secrets should be synced to (ie "us-west4"). required: - scope - projectId - locationId additionalProperties: false title: Region additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GCP Secret Manager Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the GCP Secret Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GCP Secret Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GCP Secret Manager destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gcp name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gcp-secret-manager destinationConfig: anyOf: - type: object properties: scope: type: string enum: - global description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. required: - scope - projectId additionalProperties: false title: Global - type: object properties: scope: type: string enum: - region description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. locationId: type: string enum: - asia-southeast3 - asia-south2 - asia-east2 - asia-southeast2 - australia-southeast2 - asia-south1 - asia-northeast2 - asia-northeast3 - asia-southeast1 - australia-southeast1 - asia-east1 - asia-northeast1 - europe-west1 - europe-west10 - europe-north1 - europe-north2 - europe-west3 - europe-west2 - europe-southwest1 - europe-west8 - europe-west4 - europe-west12 - europe-west9 - europe-central2 - europe-west6 - us-central1 - us-west4 - us-west2 - northamerica-south1 - northamerica-northeast1 - us-east4 - us-central2 - us-west1 - us-west3 - us-east1 - northamerica-northeast2 - us-east5 - us-south1 - us-west8 - southamerica-east1 - southamerica-west1 - me-central2 - me-central1 - me-west1 - africa-south1 description: The ID of the Google project location secrets should be synced to (ie "us-west4"). required: - scope - projectId - locationId additionalProperties: false title: Region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GCP Secret Manager required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteGcpSecretManagerSecretSync tags: - Secret Syncs description: Delete the specified GCP Secret Manager Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GCP Secret Manager Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the GCP Secret Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GCP Secret Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GCP Secret Manager destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gcp name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gcp-secret-manager destinationConfig: anyOf: - type: object properties: scope: type: string enum: - global description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. required: - scope - projectId additionalProperties: false title: Global - type: object properties: scope: type: string enum: - region description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. locationId: type: string enum: - asia-southeast3 - asia-south2 - asia-east2 - asia-southeast2 - australia-southeast2 - asia-south1 - asia-northeast2 - asia-northeast3 - asia-southeast1 - australia-southeast1 - asia-east1 - asia-northeast1 - europe-west1 - europe-west10 - europe-north1 - europe-north2 - europe-west3 - europe-west2 - europe-southwest1 - europe-west8 - europe-west4 - europe-west12 - europe-west9 - europe-central2 - europe-west6 - us-central1 - us-west4 - us-west2 - northamerica-south1 - northamerica-northeast1 - us-east4 - us-central2 - us-west1 - us-west3 - us-east1 - northamerica-northeast2 - us-east5 - us-south1 - us-west8 - southamerica-east1 - southamerica-west1 - me-central2 - me-central1 - me-west1 - africa-south1 description: The ID of the Google project location secrets should be synced to (ie "us-west4"). required: - scope - projectId - locationId additionalProperties: false title: Region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GCP Secret Manager required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/gcp-secret-manager/sync-name/{syncName}: get: operationId: getGcpSecretManagerSecretSyncByName tags: - Secret Syncs description: Get the specified GCP Secret Manager Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the GCP Secret Manager Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the GCP Secret Manager Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the GCP Secret Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GCP Secret Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GCP Secret Manager destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gcp name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gcp-secret-manager destinationConfig: anyOf: - type: object properties: scope: type: string enum: - global description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. required: - scope - projectId additionalProperties: false title: Global - type: object properties: scope: type: string enum: - region description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. locationId: type: string enum: - asia-southeast3 - asia-south2 - asia-east2 - asia-southeast2 - australia-southeast2 - asia-south1 - asia-northeast2 - asia-northeast3 - asia-southeast1 - australia-southeast1 - asia-east1 - asia-northeast1 - europe-west1 - europe-west10 - europe-north1 - europe-north2 - europe-west3 - europe-west2 - europe-southwest1 - europe-west8 - europe-west4 - europe-west12 - europe-west9 - europe-central2 - europe-west6 - us-central1 - us-west4 - us-west2 - northamerica-south1 - northamerica-northeast1 - us-east4 - us-central2 - us-west1 - us-west3 - us-east1 - northamerica-northeast2 - us-east5 - us-south1 - us-west8 - southamerica-east1 - southamerica-west1 - me-central2 - me-central1 - me-west1 - africa-south1 description: The ID of the Google project location secrets should be synced to (ie "us-west4"). required: - scope - projectId - locationId additionalProperties: false title: Region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GCP Secret Manager required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/gcp-secret-manager/{syncId}/sync-secrets: post: operationId: syncGcpSecretManagerSecretSync tags: - Secret Syncs description: Trigger a sync for the specified GCP Secret Manager Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GCP Secret Manager Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the GCP Secret Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GCP Secret Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GCP Secret Manager destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gcp name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gcp-secret-manager destinationConfig: anyOf: - type: object properties: scope: type: string enum: - global description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. required: - scope - projectId additionalProperties: false title: Global - type: object properties: scope: type: string enum: - region description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. locationId: type: string enum: - asia-southeast3 - asia-south2 - asia-east2 - asia-southeast2 - australia-southeast2 - asia-south1 - asia-northeast2 - asia-northeast3 - asia-southeast1 - australia-southeast1 - asia-east1 - asia-northeast1 - europe-west1 - europe-west10 - europe-north1 - europe-north2 - europe-west3 - europe-west2 - europe-southwest1 - europe-west8 - europe-west4 - europe-west12 - europe-west9 - europe-central2 - europe-west6 - us-central1 - us-west4 - us-west2 - northamerica-south1 - northamerica-northeast1 - us-east4 - us-central2 - us-west1 - us-west3 - us-east1 - northamerica-northeast2 - us-east5 - us-south1 - us-west8 - southamerica-east1 - southamerica-west1 - me-central2 - me-central1 - me-west1 - africa-south1 description: The ID of the Google project location secrets should be synced to (ie "us-west4"). required: - scope - projectId - locationId additionalProperties: false title: Region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GCP Secret Manager required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/gcp-secret-manager/{syncId}/import-secrets: post: operationId: importGcpSecretManagerSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified GCP Secret Manager Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or GCP Secret Manager. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GCP Secret Manager Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the GCP Secret Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GCP Secret Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GCP Secret Manager destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gcp name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gcp-secret-manager destinationConfig: anyOf: - type: object properties: scope: type: string enum: - global description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. required: - scope - projectId additionalProperties: false title: Global - type: object properties: scope: type: string enum: - region description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. locationId: type: string enum: - asia-southeast3 - asia-south2 - asia-east2 - asia-southeast2 - australia-southeast2 - asia-south1 - asia-northeast2 - asia-northeast3 - asia-southeast1 - australia-southeast1 - asia-east1 - asia-northeast1 - europe-west1 - europe-west10 - europe-north1 - europe-north2 - europe-west3 - europe-west2 - europe-southwest1 - europe-west8 - europe-west4 - europe-west12 - europe-west9 - europe-central2 - europe-west6 - us-central1 - us-west4 - us-west2 - northamerica-south1 - northamerica-northeast1 - us-east4 - us-central2 - us-west1 - us-west3 - us-east1 - northamerica-northeast2 - us-east5 - us-south1 - us-west8 - southamerica-east1 - southamerica-west1 - me-central2 - me-central1 - me-west1 - africa-south1 description: The ID of the Google project location secrets should be synced to (ie "us-west4"). required: - scope - projectId - locationId additionalProperties: false title: Region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GCP Secret Manager required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/gcp-secret-manager/{syncId}/remove-secrets: post: operationId: removeGcpSecretManagerSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified GCP Secret Manager Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GCP Secret Manager Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the GCP Secret Manager destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GCP Secret Manager destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GCP Secret Manager destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gcp name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gcp-secret-manager destinationConfig: anyOf: - type: object properties: scope: type: string enum: - global description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. required: - scope - projectId additionalProperties: false title: Global - type: object properties: scope: type: string enum: - region description: The Google project scope that secrets should be synced to. projectId: type: string minLength: 1 description: The ID of the Google project secrets should be synced to. locationId: type: string enum: - asia-southeast3 - asia-south2 - asia-east2 - asia-southeast2 - australia-southeast2 - asia-south1 - asia-northeast2 - asia-northeast3 - asia-southeast1 - australia-southeast1 - asia-east1 - asia-northeast1 - europe-west1 - europe-west10 - europe-north1 - europe-north2 - europe-west3 - europe-west2 - europe-southwest1 - europe-west8 - europe-west4 - europe-west12 - europe-west9 - europe-central2 - europe-west6 - us-central1 - us-west4 - us-west2 - northamerica-south1 - northamerica-northeast1 - us-east4 - us-central2 - us-west1 - us-west3 - us-east1 - northamerica-northeast2 - us-east5 - us-south1 - us-west8 - southamerica-east1 - southamerica-west1 - me-central2 - me-central1 - me-west1 - africa-south1 description: The ID of the Google project location secrets should be synced to (ie "us-west4"). required: - scope - projectId - locationId additionalProperties: false title: Region required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GCP Secret Manager required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-key-vault: get: operationId: listAzureKeyVaultSecretSyncs tags: - Secret Syncs description: List the Azure Key Vault Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Azure Key Vault Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure Key Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure Key Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure Key Vault destination when syncing. disableCertificateImport: type: boolean description: Whether Infisical should skip importing certificate objects from Azure Key Vault when syncing secrets. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-key-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-key-vault destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri minLength: 1 description: 'The base URL of the Azure Key Vault to sync secrets to. Example: https://example.vault.azure.net/' required: - vaultBaseUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Key Vault required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAzureKeyVaultSecretSync tags: - Secret Syncs description: Create an Azure Key Vault Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Azure Key Vault Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Azure Key Vault Sync. connectionId: type: string format: uuid description: The ID of the Azure Key Vault Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure Key Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure Key Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure Key Vault destination when syncing. disableCertificateImport: type: boolean description: Whether Infisical should skip importing certificate objects from Azure Key Vault when syncing secrets. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri minLength: 1 description: 'The base URL of the Azure Key Vault to sync secrets to. Example: https://example.vault.azure.net/' required: - vaultBaseUrl additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure Key Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure Key Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure Key Vault destination when syncing. disableCertificateImport: type: boolean description: Whether Infisical should skip importing certificate objects from Azure Key Vault when syncing secrets. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-key-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-key-vault destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri minLength: 1 description: 'The base URL of the Azure Key Vault to sync secrets to. Example: https://example.vault.azure.net/' required: - vaultBaseUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Key Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-key-vault/{syncId}: get: operationId: getAzureKeyVaultSecretSync tags: - Secret Syncs description: Get the specified Azure Key Vault Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure Key Vault Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure Key Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure Key Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure Key Vault destination when syncing. disableCertificateImport: type: boolean description: Whether Infisical should skip importing certificate objects from Azure Key Vault when syncing secrets. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-key-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-key-vault destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri minLength: 1 description: 'The base URL of the Azure Key Vault to sync secrets to. Example: https://example.vault.azure.net/' required: - vaultBaseUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Key Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAzureKeyVaultSecretSync tags: - Secret Syncs description: Update the specified Azure Key Vault Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Azure Key Vault Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Azure Key Vault Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Azure Key Vault Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure Key Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure Key Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure Key Vault destination when syncing. disableCertificateImport: type: boolean description: Whether Infisical should skip importing certificate objects from Azure Key Vault when syncing secrets. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri minLength: 1 description: 'The base URL of the Azure Key Vault to sync secrets to. Example: https://example.vault.azure.net/' required: - vaultBaseUrl additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure Key Vault Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure Key Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure Key Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure Key Vault destination when syncing. disableCertificateImport: type: boolean description: Whether Infisical should skip importing certificate objects from Azure Key Vault when syncing secrets. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-key-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-key-vault destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri minLength: 1 description: 'The base URL of the Azure Key Vault to sync secrets to. Example: https://example.vault.azure.net/' required: - vaultBaseUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Key Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAzureKeyVaultSecretSync tags: - Secret Syncs description: Delete the specified Azure Key Vault Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure Key Vault Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure Key Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure Key Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure Key Vault destination when syncing. disableCertificateImport: type: boolean description: Whether Infisical should skip importing certificate objects from Azure Key Vault when syncing secrets. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-key-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-key-vault destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri minLength: 1 description: 'The base URL of the Azure Key Vault to sync secrets to. Example: https://example.vault.azure.net/' required: - vaultBaseUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Key Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-key-vault/sync-name/{syncName}: get: operationId: getAzureKeyVaultSecretSyncByName tags: - Secret Syncs description: Get the specified Azure Key Vault Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Azure Key Vault Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Azure Key Vault Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure Key Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure Key Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure Key Vault destination when syncing. disableCertificateImport: type: boolean description: Whether Infisical should skip importing certificate objects from Azure Key Vault when syncing secrets. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-key-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-key-vault destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri minLength: 1 description: 'The base URL of the Azure Key Vault to sync secrets to. Example: https://example.vault.azure.net/' required: - vaultBaseUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Key Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-key-vault/{syncId}/sync-secrets: post: operationId: syncAzureKeyVaultSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Azure Key Vault Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure Key Vault Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure Key Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure Key Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure Key Vault destination when syncing. disableCertificateImport: type: boolean description: Whether Infisical should skip importing certificate objects from Azure Key Vault when syncing secrets. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-key-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-key-vault destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri minLength: 1 description: 'The base URL of the Azure Key Vault to sync secrets to. Example: https://example.vault.azure.net/' required: - vaultBaseUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Key Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-key-vault/{syncId}/import-secrets: post: operationId: importAzureKeyVaultSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Azure Key Vault Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Azure Key Vault. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure Key Vault Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure Key Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure Key Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure Key Vault destination when syncing. disableCertificateImport: type: boolean description: Whether Infisical should skip importing certificate objects from Azure Key Vault when syncing secrets. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-key-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-key-vault destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri minLength: 1 description: 'The base URL of the Azure Key Vault to sync secrets to. Example: https://example.vault.azure.net/' required: - vaultBaseUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Key Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-key-vault/{syncId}/remove-secrets: post: operationId: removeAzureKeyVaultSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Azure Key Vault Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure Key Vault Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure Key Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure Key Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure Key Vault destination when syncing. disableCertificateImport: type: boolean description: Whether Infisical should skip importing certificate objects from Azure Key Vault when syncing secrets. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-key-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-key-vault destinationConfig: type: object properties: vaultBaseUrl: type: string format: uri minLength: 1 description: 'The base URL of the Azure Key Vault to sync secrets to. Example: https://example.vault.azure.net/' required: - vaultBaseUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Key Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-app-configuration: get: operationId: listAzureAppConfigurationSecretSyncs tags: - Secret Syncs description: List the Azure App Configuration Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Azure App Configuration Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure App Configuration destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure App Configuration destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure App Configuration destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-app-configuration name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-app-configuration destinationConfig: type: object properties: configurationUrl: type: string minLength: 1 description: 'The URL of the Azure App Configuration to sync secrets to. Example: https://example.azconfig.io/' label: type: string description: An optional label to assign to secrets created in Azure App Configuration. required: - configurationUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure App Configuration required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAzureAppConfigurationSecretSync tags: - Secret Syncs description: Create an Azure App Configuration Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Azure App Configuration Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Azure App Configuration Sync. connectionId: type: string format: uuid description: The ID of the Azure App Configuration Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure App Configuration destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure App Configuration destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure App Configuration destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: configurationUrl: type: string minLength: 1 description: 'The URL of the Azure App Configuration to sync secrets to. Example: https://example.azconfig.io/' label: type: string description: An optional label to assign to secrets created in Azure App Configuration. required: - configurationUrl additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure App Configuration destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure App Configuration destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure App Configuration destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-app-configuration name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-app-configuration destinationConfig: type: object properties: configurationUrl: type: string minLength: 1 description: 'The URL of the Azure App Configuration to sync secrets to. Example: https://example.azconfig.io/' label: type: string description: An optional label to assign to secrets created in Azure App Configuration. required: - configurationUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure App Configuration required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-app-configuration/{syncId}: get: operationId: getAzureAppConfigurationSecretSync tags: - Secret Syncs description: Get the specified Azure App Configuration Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure App Configuration Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure App Configuration destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure App Configuration destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure App Configuration destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-app-configuration name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-app-configuration destinationConfig: type: object properties: configurationUrl: type: string minLength: 1 description: 'The URL of the Azure App Configuration to sync secrets to. Example: https://example.azconfig.io/' label: type: string description: An optional label to assign to secrets created in Azure App Configuration. required: - configurationUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure App Configuration required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAzureAppConfigurationSecretSync tags: - Secret Syncs description: Update the specified Azure App Configuration Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Azure App Configuration Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Azure App Configuration Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Azure App Configuration Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure App Configuration destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure App Configuration destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure App Configuration destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: configurationUrl: type: string minLength: 1 description: 'The URL of the Azure App Configuration to sync secrets to. Example: https://example.azconfig.io/' label: type: string description: An optional label to assign to secrets created in Azure App Configuration. required: - configurationUrl additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure App Configuration Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure App Configuration destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure App Configuration destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure App Configuration destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-app-configuration name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-app-configuration destinationConfig: type: object properties: configurationUrl: type: string minLength: 1 description: 'The URL of the Azure App Configuration to sync secrets to. Example: https://example.azconfig.io/' label: type: string description: An optional label to assign to secrets created in Azure App Configuration. required: - configurationUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure App Configuration required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAzureAppConfigurationSecretSync tags: - Secret Syncs description: Delete the specified Azure App Configuration Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure App Configuration Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure App Configuration destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure App Configuration destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure App Configuration destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-app-configuration name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-app-configuration destinationConfig: type: object properties: configurationUrl: type: string minLength: 1 description: 'The URL of the Azure App Configuration to sync secrets to. Example: https://example.azconfig.io/' label: type: string description: An optional label to assign to secrets created in Azure App Configuration. required: - configurationUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure App Configuration required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-app-configuration/sync-name/{syncName}: get: operationId: getAzureAppConfigurationSecretSyncByName tags: - Secret Syncs description: Get the specified Azure App Configuration Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Azure App Configuration Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Azure App Configuration Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure App Configuration destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure App Configuration destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure App Configuration destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-app-configuration name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-app-configuration destinationConfig: type: object properties: configurationUrl: type: string minLength: 1 description: 'The URL of the Azure App Configuration to sync secrets to. Example: https://example.azconfig.io/' label: type: string description: An optional label to assign to secrets created in Azure App Configuration. required: - configurationUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure App Configuration required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-app-configuration/{syncId}/sync-secrets: post: operationId: syncAzureAppConfigurationSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Azure App Configuration Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure App Configuration Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure App Configuration destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure App Configuration destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure App Configuration destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-app-configuration name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-app-configuration destinationConfig: type: object properties: configurationUrl: type: string minLength: 1 description: 'The URL of the Azure App Configuration to sync secrets to. Example: https://example.azconfig.io/' label: type: string description: An optional label to assign to secrets created in Azure App Configuration. required: - configurationUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure App Configuration required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-app-configuration/{syncId}/import-secrets: post: operationId: importAzureAppConfigurationSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Azure App Configuration Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Azure App Configuration. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure App Configuration Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure App Configuration destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure App Configuration destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure App Configuration destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-app-configuration name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-app-configuration destinationConfig: type: object properties: configurationUrl: type: string minLength: 1 description: 'The URL of the Azure App Configuration to sync secrets to. Example: https://example.azconfig.io/' label: type: string description: An optional label to assign to secrets created in Azure App Configuration. required: - configurationUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure App Configuration required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-app-configuration/{syncId}/remove-secrets: post: operationId: removeAzureAppConfigurationSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Azure App Configuration Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure App Configuration Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Azure App Configuration destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure App Configuration destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure App Configuration destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-app-configuration name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-app-configuration destinationConfig: type: object properties: configurationUrl: type: string minLength: 1 description: 'The URL of the Azure App Configuration to sync secrets to. Example: https://example.azconfig.io/' label: type: string description: An optional label to assign to secrets created in Azure App Configuration. required: - configurationUrl additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure App Configuration required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-devops: get: operationId: listAzureDevopsSecretSyncs tags: - Secret Syncs description: List the Azure DevOps Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Azure DevOps Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure DevOps destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure DevOps destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure DevOps destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-devops name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-devops destinationConfig: type: object properties: devopsProjectId: type: string minLength: 1 description: The ID of the Azure DevOps project to sync secrets to. devopsProjectName: type: string description: The name of the Azure DevOps project to sync secrets to. required: - devopsProjectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure DevOps required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAzureDevopsSecretSync tags: - Secret Syncs description: Create an Azure DevOps Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Azure DevOps Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Azure DevOps Sync. connectionId: type: string format: uuid description: The ID of the Azure DevOps Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure DevOps destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure DevOps destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure DevOps destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: devopsProjectId: type: string minLength: 1 description: The ID of the Azure DevOps project to sync secrets to. devopsProjectName: type: string description: The name of the Azure DevOps project to sync secrets to. required: - devopsProjectId additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure DevOps destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure DevOps destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure DevOps destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-devops name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-devops destinationConfig: type: object properties: devopsProjectId: type: string minLength: 1 description: The ID of the Azure DevOps project to sync secrets to. devopsProjectName: type: string description: The name of the Azure DevOps project to sync secrets to. required: - devopsProjectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure DevOps required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-devops/{syncId}: get: operationId: getAzureDevopsSecretSync tags: - Secret Syncs description: Get the specified Azure DevOps Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure DevOps Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure DevOps destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure DevOps destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure DevOps destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-devops name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-devops destinationConfig: type: object properties: devopsProjectId: type: string minLength: 1 description: The ID of the Azure DevOps project to sync secrets to. devopsProjectName: type: string description: The name of the Azure DevOps project to sync secrets to. required: - devopsProjectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure DevOps required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAzureDevopsSecretSync tags: - Secret Syncs description: Update the specified Azure DevOps Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Azure DevOps Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Azure DevOps Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Azure DevOps Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure DevOps destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure DevOps destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure DevOps destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: devopsProjectId: type: string minLength: 1 description: The ID of the Azure DevOps project to sync secrets to. devopsProjectName: type: string description: The name of the Azure DevOps project to sync secrets to. required: - devopsProjectId additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure DevOps Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure DevOps destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure DevOps destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure DevOps destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-devops name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-devops destinationConfig: type: object properties: devopsProjectId: type: string minLength: 1 description: The ID of the Azure DevOps project to sync secrets to. devopsProjectName: type: string description: The name of the Azure DevOps project to sync secrets to. required: - devopsProjectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure DevOps required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAzureDevopsSecretSync tags: - Secret Syncs description: Delete the specified Azure DevOps Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure DevOps Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure DevOps destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure DevOps destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure DevOps destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-devops name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-devops destinationConfig: type: object properties: devopsProjectId: type: string minLength: 1 description: The ID of the Azure DevOps project to sync secrets to. devopsProjectName: type: string description: The name of the Azure DevOps project to sync secrets to. required: - devopsProjectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure DevOps required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-devops/sync-name/{syncName}: get: operationId: getAzureDevopsSecretSyncByName tags: - Secret Syncs description: Get the specified Azure DevOps Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Azure DevOps Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Azure DevOps Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure DevOps destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure DevOps destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure DevOps destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-devops name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-devops destinationConfig: type: object properties: devopsProjectId: type: string minLength: 1 description: The ID of the Azure DevOps project to sync secrets to. devopsProjectName: type: string description: The name of the Azure DevOps project to sync secrets to. required: - devopsProjectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure DevOps required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-devops/{syncId}/sync-secrets: post: operationId: syncAzureDevopsSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Azure DevOps Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure DevOps Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure DevOps destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure DevOps destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure DevOps destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-devops name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-devops destinationConfig: type: object properties: devopsProjectId: type: string minLength: 1 description: The ID of the Azure DevOps project to sync secrets to. devopsProjectName: type: string description: The name of the Azure DevOps project to sync secrets to. required: - devopsProjectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure DevOps required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-devops/{syncId}/import-secrets: post: operationId: importAzureDevopsSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Azure DevOps Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Azure DevOps. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure DevOps Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure DevOps destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure DevOps destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure DevOps destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-devops name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-devops destinationConfig: type: object properties: devopsProjectId: type: string minLength: 1 description: The ID of the Azure DevOps project to sync secrets to. devopsProjectName: type: string description: The name of the Azure DevOps project to sync secrets to. required: - devopsProjectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure DevOps required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-devops/{syncId}/remove-secrets: post: operationId: removeAzureDevopsSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Azure DevOps Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure DevOps Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure DevOps destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Azure DevOps destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Azure DevOps destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-devops name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-devops destinationConfig: type: object properties: devopsProjectId: type: string minLength: 1 description: The ID of the Azure DevOps project to sync secrets to. devopsProjectName: type: string description: The name of the Azure DevOps project to sync secrets to. required: - devopsProjectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure DevOps required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/databricks: get: operationId: listDatabricksSecretSyncs tags: - Secret Syncs description: List the Databricks Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Databricks Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Databricks destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Databricks destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Databricks destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - databricks destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Databricks secret scope that secrets should be synced to. required: - scope additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Databricks required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createDatabricksSecretSync tags: - Secret Syncs description: Create a Databricks Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Databricks Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Databricks Sync. connectionId: type: string format: uuid description: The ID of the Databricks Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Databricks destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Databricks destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Databricks destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Databricks secret scope that secrets should be synced to. required: - scope additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Databricks destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Databricks destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Databricks destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - databricks destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Databricks secret scope that secrets should be synced to. required: - scope additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Databricks required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/databricks/{syncId}: get: operationId: getDatabricksSecretSync tags: - Secret Syncs description: Get the specified Databricks Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Databricks Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Databricks destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Databricks destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Databricks destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - databricks destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Databricks secret scope that secrets should be synced to. required: - scope additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Databricks required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateDatabricksSecretSync tags: - Secret Syncs description: Update the specified Databricks Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Databricks Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Databricks Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Databricks Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Databricks destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Databricks destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Databricks destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Databricks secret scope that secrets should be synced to. required: - scope additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Databricks Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Databricks destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Databricks destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Databricks destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - databricks destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Databricks secret scope that secrets should be synced to. required: - scope additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Databricks required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteDatabricksSecretSync tags: - Secret Syncs description: Delete the specified Databricks Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Databricks Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Databricks destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Databricks destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Databricks destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - databricks destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Databricks secret scope that secrets should be synced to. required: - scope additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Databricks required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/databricks/sync-name/{syncName}: get: operationId: getDatabricksSecretSyncByName tags: - Secret Syncs description: Get the specified Databricks Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Databricks Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Databricks Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Databricks destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Databricks destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Databricks destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - databricks destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Databricks secret scope that secrets should be synced to. required: - scope additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Databricks required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/databricks/{syncId}/sync-secrets: post: operationId: syncDatabricksSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Databricks Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Databricks Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Databricks destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Databricks destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Databricks destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - databricks destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Databricks secret scope that secrets should be synced to. required: - scope additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Databricks required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/databricks/{syncId}/import-secrets: post: operationId: importDatabricksSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Databricks Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Databricks. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Databricks Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Databricks destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Databricks destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Databricks destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - databricks destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Databricks secret scope that secrets should be synced to. required: - scope additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Databricks required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/databricks/{syncId}/remove-secrets: post: operationId: removeDatabricksSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Databricks Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Databricks Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Databricks destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Databricks destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Databricks destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - databricks destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Databricks secret scope that secrets should be synced to. required: - scope additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Databricks required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/humanitec: get: operationId: listHumanitecSecretSyncs tags: - Secret Syncs description: List the Humanitec Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Humanitec Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Humanitec destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Humanitec destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Humanitec destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - humanitec name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - humanitec destinationConfig: anyOf: - type: object properties: scope: type: string enum: - application description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. required: - scope - org - app additionalProperties: false - type: object properties: scope: type: string enum: - environment description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. env: type: string minLength: 1 description: The ID of the Humanitec environment to sync secrets to. required: - scope - org - app - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Humanitec required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createHumanitecSecretSync tags: - Secret Syncs description: Create a Humanitec Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Humanitec Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Humanitec Sync. connectionId: type: string format: uuid description: The ID of the Humanitec Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Humanitec destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Humanitec destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Humanitec destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: anyOf: - type: object properties: scope: type: string enum: - application description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. required: - scope - org - app additionalProperties: false - type: object properties: scope: type: string enum: - environment description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. env: type: string minLength: 1 description: The ID of the Humanitec environment to sync secrets to. required: - scope - org - app - env additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Humanitec destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Humanitec destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Humanitec destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - humanitec name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - humanitec destinationConfig: anyOf: - type: object properties: scope: type: string enum: - application description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. required: - scope - org - app additionalProperties: false - type: object properties: scope: type: string enum: - environment description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. env: type: string minLength: 1 description: The ID of the Humanitec environment to sync secrets to. required: - scope - org - app - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Humanitec required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/humanitec/{syncId}: get: operationId: getHumanitecSecretSync tags: - Secret Syncs description: Get the specified Humanitec Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Humanitec Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Humanitec destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Humanitec destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Humanitec destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - humanitec name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - humanitec destinationConfig: anyOf: - type: object properties: scope: type: string enum: - application description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. required: - scope - org - app additionalProperties: false - type: object properties: scope: type: string enum: - environment description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. env: type: string minLength: 1 description: The ID of the Humanitec environment to sync secrets to. required: - scope - org - app - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Humanitec required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateHumanitecSecretSync tags: - Secret Syncs description: Update the specified Humanitec Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Humanitec Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Humanitec Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Humanitec Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Humanitec destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Humanitec destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Humanitec destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: anyOf: - type: object properties: scope: type: string enum: - application description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. required: - scope - org - app additionalProperties: false - type: object properties: scope: type: string enum: - environment description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. env: type: string minLength: 1 description: The ID of the Humanitec environment to sync secrets to. required: - scope - org - app - env additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Humanitec Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Humanitec destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Humanitec destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Humanitec destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - humanitec name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - humanitec destinationConfig: anyOf: - type: object properties: scope: type: string enum: - application description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. required: - scope - org - app additionalProperties: false - type: object properties: scope: type: string enum: - environment description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. env: type: string minLength: 1 description: The ID of the Humanitec environment to sync secrets to. required: - scope - org - app - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Humanitec required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteHumanitecSecretSync tags: - Secret Syncs description: Delete the specified Humanitec Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Humanitec Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Humanitec destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Humanitec destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Humanitec destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - humanitec name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - humanitec destinationConfig: anyOf: - type: object properties: scope: type: string enum: - application description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. required: - scope - org - app additionalProperties: false - type: object properties: scope: type: string enum: - environment description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. env: type: string minLength: 1 description: The ID of the Humanitec environment to sync secrets to. required: - scope - org - app - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Humanitec required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/humanitec/sync-name/{syncName}: get: operationId: getHumanitecSecretSyncByName tags: - Secret Syncs description: Get the specified Humanitec Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Humanitec Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Humanitec Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Humanitec destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Humanitec destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Humanitec destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - humanitec name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - humanitec destinationConfig: anyOf: - type: object properties: scope: type: string enum: - application description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. required: - scope - org - app additionalProperties: false - type: object properties: scope: type: string enum: - environment description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. env: type: string minLength: 1 description: The ID of the Humanitec environment to sync secrets to. required: - scope - org - app - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Humanitec required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/humanitec/{syncId}/sync-secrets: post: operationId: syncHumanitecSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Humanitec Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Humanitec Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Humanitec destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Humanitec destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Humanitec destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - humanitec name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - humanitec destinationConfig: anyOf: - type: object properties: scope: type: string enum: - application description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. required: - scope - org - app additionalProperties: false - type: object properties: scope: type: string enum: - environment description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. env: type: string minLength: 1 description: The ID of the Humanitec environment to sync secrets to. required: - scope - org - app - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Humanitec required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/humanitec/{syncId}/import-secrets: post: operationId: importHumanitecSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Humanitec Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Humanitec. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Humanitec Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Humanitec destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Humanitec destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Humanitec destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - humanitec name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - humanitec destinationConfig: anyOf: - type: object properties: scope: type: string enum: - application description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. required: - scope - org - app additionalProperties: false - type: object properties: scope: type: string enum: - environment description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. env: type: string minLength: 1 description: The ID of the Humanitec environment to sync secrets to. required: - scope - org - app - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Humanitec required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/humanitec/{syncId}/remove-secrets: post: operationId: removeHumanitecSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Humanitec Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Humanitec Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Humanitec destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Humanitec destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Humanitec destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - humanitec name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - humanitec destinationConfig: anyOf: - type: object properties: scope: type: string enum: - application description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. required: - scope - org - app additionalProperties: false - type: object properties: scope: type: string enum: - environment description: The Humanitec scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Humanitec org to sync secrets to. app: type: string minLength: 1 description: The ID of the Humanitec app to sync secrets to. env: type: string minLength: 1 description: The ID of the Humanitec environment to sync secrets to. required: - scope - org - app - env additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Humanitec required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/terraform-cloud: get: operationId: listTerraformCloudSecretSyncs tags: - Secret Syncs description: List the Terraform Cloud Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Terraform Cloud Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Terraform Cloud destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Terraform Cloud destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Terraform Cloud destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - terraform-cloud name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - terraform-cloud destinationConfig: anyOf: - type: object properties: scope: type: string enum: - variable-set description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. variableSetName: type: string minLength: 1 description: The name of the Terraform Cloud Variable Set to sync secrets to. variableSetId: type: string minLength: 1 description: The ID of the Terraform Cloud Variable Set to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - variableSetName - variableSetId - category additionalProperties: false - type: object properties: scope: type: string enum: - workspace description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. workspaceName: type: string minLength: 1 description: The name of the Terraform Cloud workspace to sync secrets to. workspaceId: type: string minLength: 1 description: The ID of the Terraform Cloud workspace to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - workspaceName - workspaceId - category additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Terraform Cloud required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createTerraformCloudSecretSync tags: - Secret Syncs description: Create a Terraform Cloud Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Terraform Cloud Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Terraform Cloud Sync. connectionId: type: string format: uuid description: The ID of the Terraform Cloud Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Terraform Cloud destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Terraform Cloud destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Terraform Cloud destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: anyOf: - type: object properties: scope: type: string enum: - variable-set description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. variableSetName: type: string minLength: 1 description: The name of the Terraform Cloud Variable Set to sync secrets to. variableSetId: type: string minLength: 1 description: The ID of the Terraform Cloud Variable Set to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - variableSetName - variableSetId - category additionalProperties: false - type: object properties: scope: type: string enum: - workspace description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. workspaceName: type: string minLength: 1 description: The name of the Terraform Cloud workspace to sync secrets to. workspaceId: type: string minLength: 1 description: The ID of the Terraform Cloud workspace to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - workspaceName - workspaceId - category additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Terraform Cloud destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Terraform Cloud destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Terraform Cloud destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - terraform-cloud name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - terraform-cloud destinationConfig: anyOf: - type: object properties: scope: type: string enum: - variable-set description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. variableSetName: type: string minLength: 1 description: The name of the Terraform Cloud Variable Set to sync secrets to. variableSetId: type: string minLength: 1 description: The ID of the Terraform Cloud Variable Set to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - variableSetName - variableSetId - category additionalProperties: false - type: object properties: scope: type: string enum: - workspace description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. workspaceName: type: string minLength: 1 description: The name of the Terraform Cloud workspace to sync secrets to. workspaceId: type: string minLength: 1 description: The ID of the Terraform Cloud workspace to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - workspaceName - workspaceId - category additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Terraform Cloud required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/terraform-cloud/{syncId}: get: operationId: getTerraformCloudSecretSync tags: - Secret Syncs description: Get the specified Terraform Cloud Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Terraform Cloud Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Terraform Cloud destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Terraform Cloud destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Terraform Cloud destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - terraform-cloud name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - terraform-cloud destinationConfig: anyOf: - type: object properties: scope: type: string enum: - variable-set description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. variableSetName: type: string minLength: 1 description: The name of the Terraform Cloud Variable Set to sync secrets to. variableSetId: type: string minLength: 1 description: The ID of the Terraform Cloud Variable Set to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - variableSetName - variableSetId - category additionalProperties: false - type: object properties: scope: type: string enum: - workspace description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. workspaceName: type: string minLength: 1 description: The name of the Terraform Cloud workspace to sync secrets to. workspaceId: type: string minLength: 1 description: The ID of the Terraform Cloud workspace to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - workspaceName - workspaceId - category additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Terraform Cloud required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateTerraformCloudSecretSync tags: - Secret Syncs description: Update the specified Terraform Cloud Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Terraform Cloud Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Terraform Cloud Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Terraform Cloud Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Terraform Cloud destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Terraform Cloud destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Terraform Cloud destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: anyOf: - type: object properties: scope: type: string enum: - variable-set description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. variableSetName: type: string minLength: 1 description: The name of the Terraform Cloud Variable Set to sync secrets to. variableSetId: type: string minLength: 1 description: The ID of the Terraform Cloud Variable Set to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - variableSetName - variableSetId - category additionalProperties: false - type: object properties: scope: type: string enum: - workspace description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. workspaceName: type: string minLength: 1 description: The name of the Terraform Cloud workspace to sync secrets to. workspaceId: type: string minLength: 1 description: The ID of the Terraform Cloud workspace to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - workspaceName - workspaceId - category additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Terraform Cloud Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Terraform Cloud destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Terraform Cloud destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Terraform Cloud destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - terraform-cloud name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - terraform-cloud destinationConfig: anyOf: - type: object properties: scope: type: string enum: - variable-set description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. variableSetName: type: string minLength: 1 description: The name of the Terraform Cloud Variable Set to sync secrets to. variableSetId: type: string minLength: 1 description: The ID of the Terraform Cloud Variable Set to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - variableSetName - variableSetId - category additionalProperties: false - type: object properties: scope: type: string enum: - workspace description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. workspaceName: type: string minLength: 1 description: The name of the Terraform Cloud workspace to sync secrets to. workspaceId: type: string minLength: 1 description: The ID of the Terraform Cloud workspace to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - workspaceName - workspaceId - category additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Terraform Cloud required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteTerraformCloudSecretSync tags: - Secret Syncs description: Delete the specified Terraform Cloud Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Terraform Cloud Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Terraform Cloud destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Terraform Cloud destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Terraform Cloud destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - terraform-cloud name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - terraform-cloud destinationConfig: anyOf: - type: object properties: scope: type: string enum: - variable-set description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. variableSetName: type: string minLength: 1 description: The name of the Terraform Cloud Variable Set to sync secrets to. variableSetId: type: string minLength: 1 description: The ID of the Terraform Cloud Variable Set to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - variableSetName - variableSetId - category additionalProperties: false - type: object properties: scope: type: string enum: - workspace description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. workspaceName: type: string minLength: 1 description: The name of the Terraform Cloud workspace to sync secrets to. workspaceId: type: string minLength: 1 description: The ID of the Terraform Cloud workspace to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - workspaceName - workspaceId - category additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Terraform Cloud required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/terraform-cloud/sync-name/{syncName}: get: operationId: getTerraformCloudSecretSyncByName tags: - Secret Syncs description: Get the specified Terraform Cloud Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Terraform Cloud Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Terraform Cloud Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Terraform Cloud destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Terraform Cloud destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Terraform Cloud destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - terraform-cloud name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - terraform-cloud destinationConfig: anyOf: - type: object properties: scope: type: string enum: - variable-set description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. variableSetName: type: string minLength: 1 description: The name of the Terraform Cloud Variable Set to sync secrets to. variableSetId: type: string minLength: 1 description: The ID of the Terraform Cloud Variable Set to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - variableSetName - variableSetId - category additionalProperties: false - type: object properties: scope: type: string enum: - workspace description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. workspaceName: type: string minLength: 1 description: The name of the Terraform Cloud workspace to sync secrets to. workspaceId: type: string minLength: 1 description: The ID of the Terraform Cloud workspace to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - workspaceName - workspaceId - category additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Terraform Cloud required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/terraform-cloud/{syncId}/sync-secrets: post: operationId: syncTerraformCloudSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Terraform Cloud Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Terraform Cloud Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Terraform Cloud destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Terraform Cloud destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Terraform Cloud destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - terraform-cloud name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - terraform-cloud destinationConfig: anyOf: - type: object properties: scope: type: string enum: - variable-set description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. variableSetName: type: string minLength: 1 description: The name of the Terraform Cloud Variable Set to sync secrets to. variableSetId: type: string minLength: 1 description: The ID of the Terraform Cloud Variable Set to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - variableSetName - variableSetId - category additionalProperties: false - type: object properties: scope: type: string enum: - workspace description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. workspaceName: type: string minLength: 1 description: The name of the Terraform Cloud workspace to sync secrets to. workspaceId: type: string minLength: 1 description: The ID of the Terraform Cloud workspace to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - workspaceName - workspaceId - category additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Terraform Cloud required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/terraform-cloud/{syncId}/import-secrets: post: operationId: importTerraformCloudSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Terraform Cloud Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Terraform Cloud. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Terraform Cloud Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Terraform Cloud destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Terraform Cloud destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Terraform Cloud destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - terraform-cloud name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - terraform-cloud destinationConfig: anyOf: - type: object properties: scope: type: string enum: - variable-set description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. variableSetName: type: string minLength: 1 description: The name of the Terraform Cloud Variable Set to sync secrets to. variableSetId: type: string minLength: 1 description: The ID of the Terraform Cloud Variable Set to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - variableSetName - variableSetId - category additionalProperties: false - type: object properties: scope: type: string enum: - workspace description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. workspaceName: type: string minLength: 1 description: The name of the Terraform Cloud workspace to sync secrets to. workspaceId: type: string minLength: 1 description: The ID of the Terraform Cloud workspace to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - workspaceName - workspaceId - category additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Terraform Cloud required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/terraform-cloud/{syncId}/remove-secrets: post: operationId: removeTerraformCloudSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Terraform Cloud Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Terraform Cloud Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Terraform Cloud destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Terraform Cloud destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Terraform Cloud destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - terraform-cloud name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - terraform-cloud destinationConfig: anyOf: - type: object properties: scope: type: string enum: - variable-set description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. variableSetName: type: string minLength: 1 description: The name of the Terraform Cloud Variable Set to sync secrets to. variableSetId: type: string minLength: 1 description: The ID of the Terraform Cloud Variable Set to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - variableSetName - variableSetId - category additionalProperties: false - type: object properties: scope: type: string enum: - workspace description: The Terraform Cloud scope that secrets should be synced to. org: type: string minLength: 1 description: The ID of the Terraform Cloud org to sync secrets to. workspaceName: type: string minLength: 1 description: The name of the Terraform Cloud workspace to sync secrets to. workspaceId: type: string minLength: 1 description: The ID of the Terraform Cloud workspace to sync secrets to. category: type: string enum: - env - terraform description: The Terraform Cloud category that secrets should be synced to. required: - scope - org - workspaceName - workspaceId - category additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Terraform Cloud required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/camunda: get: operationId: listCamundaSecretSyncs tags: - Secret Syncs description: List the Camunda Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Camunda Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Camunda destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Camunda destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Camunda destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - camunda name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - camunda destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Camunda scope that secrets should be synced to. clusterUUID: type: string minLength: 1 description: The UUID of the Camunda cluster that secrets should be synced to. required: - scope - clusterUUID additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Camunda required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createCamundaSecretSync tags: - Secret Syncs description: Create a Camunda Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Camunda Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Camunda Sync. connectionId: type: string format: uuid description: The ID of the Camunda Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Camunda destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Camunda destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Camunda destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Camunda scope that secrets should be synced to. clusterUUID: type: string minLength: 1 description: The UUID of the Camunda cluster that secrets should be synced to. required: - scope - clusterUUID additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Camunda destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Camunda destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Camunda destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - camunda name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - camunda destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Camunda scope that secrets should be synced to. clusterUUID: type: string minLength: 1 description: The UUID of the Camunda cluster that secrets should be synced to. required: - scope - clusterUUID additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Camunda required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/camunda/{syncId}: get: operationId: getCamundaSecretSync tags: - Secret Syncs description: Get the specified Camunda Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Camunda Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Camunda destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Camunda destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Camunda destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - camunda name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - camunda destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Camunda scope that secrets should be synced to. clusterUUID: type: string minLength: 1 description: The UUID of the Camunda cluster that secrets should be synced to. required: - scope - clusterUUID additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Camunda required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateCamundaSecretSync tags: - Secret Syncs description: Update the specified Camunda Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Camunda Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Camunda Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Camunda Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Camunda destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Camunda destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Camunda destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Camunda scope that secrets should be synced to. clusterUUID: type: string minLength: 1 description: The UUID of the Camunda cluster that secrets should be synced to. required: - scope - clusterUUID additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Camunda Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Camunda destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Camunda destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Camunda destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - camunda name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - camunda destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Camunda scope that secrets should be synced to. clusterUUID: type: string minLength: 1 description: The UUID of the Camunda cluster that secrets should be synced to. required: - scope - clusterUUID additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Camunda required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteCamundaSecretSync tags: - Secret Syncs description: Delete the specified Camunda Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Camunda Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Camunda destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Camunda destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Camunda destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - camunda name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - camunda destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Camunda scope that secrets should be synced to. clusterUUID: type: string minLength: 1 description: The UUID of the Camunda cluster that secrets should be synced to. required: - scope - clusterUUID additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Camunda required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/camunda/sync-name/{syncName}: get: operationId: getCamundaSecretSyncByName tags: - Secret Syncs description: Get the specified Camunda Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Camunda Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Camunda Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Camunda destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Camunda destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Camunda destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - camunda name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - camunda destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Camunda scope that secrets should be synced to. clusterUUID: type: string minLength: 1 description: The UUID of the Camunda cluster that secrets should be synced to. required: - scope - clusterUUID additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Camunda required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/camunda/{syncId}/sync-secrets: post: operationId: syncCamundaSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Camunda Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Camunda Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Camunda destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Camunda destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Camunda destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - camunda name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - camunda destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Camunda scope that secrets should be synced to. clusterUUID: type: string minLength: 1 description: The UUID of the Camunda cluster that secrets should be synced to. required: - scope - clusterUUID additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Camunda required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/camunda/{syncId}/import-secrets: post: operationId: importCamundaSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Camunda Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Camunda. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Camunda Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Camunda destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Camunda destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Camunda destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - camunda name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - camunda destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Camunda scope that secrets should be synced to. clusterUUID: type: string minLength: 1 description: The UUID of the Camunda cluster that secrets should be synced to. required: - scope - clusterUUID additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Camunda required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/camunda/{syncId}/remove-secrets: post: operationId: removeCamundaSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Camunda Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Camunda Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Camunda destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Camunda destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Camunda destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - camunda name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - camunda destinationConfig: type: object properties: scope: type: string minLength: 1 description: The Camunda scope that secrets should be synced to. clusterUUID: type: string minLength: 1 description: The UUID of the Camunda cluster that secrets should be synced to. required: - scope - clusterUUID additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Camunda required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/vercel: get: operationId: listVercelSecretSyncs tags: - Secret Syncs description: List the Vercel Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Vercel Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Vercel destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Vercel destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Vercel destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - vercel name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - vercel destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project app: type: string minLength: 1 description: The ID of the Vercel app to sync secrets to. appName: type: string minLength: 1 description: The name of the Vercel app to sync secrets to. env: anyOf: - type: string enum: - development - preview - production - type: string description: The ID of the Vercel environment to sync secrets to. branch: type: string description: The branch to sync preview secrets to. teamId: type: string description: The ID of the Vercel team to sync secrets to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - app - appName - env - teamId additionalProperties: false - type: object properties: scope: type: string enum: - team teamId: type: string minLength: 1 description: The ID of the Vercel team to sync secrets to. teamName: type: string description: The name of the team to sync the secrets to. This is an optional field only intended for display purposes. targetEnvironments: type: array items: type: string enum: - development - preview - production default: [] description: An optional array of Vercel default environments (development, preview, production) to add shared environment variables to. applyToAllCustomEnvironments: type: boolean default: false description: Whether to apply shared environment variables to all custom environments in the team. targetProjects: type: array items: type: string description: An optional array of Vercel projects to add shared environment variables to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - teamId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Vercel required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createVercelSecretSync tags: - Secret Syncs description: Create a Vercel Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Vercel Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Vercel Sync. connectionId: type: string format: uuid description: The ID of the Vercel Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Vercel destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Vercel destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Vercel destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project app: type: string minLength: 1 description: The ID of the Vercel app to sync secrets to. appName: type: string minLength: 1 description: The name of the Vercel app to sync secrets to. env: anyOf: - type: string enum: - development - preview - production - type: string description: The ID of the Vercel environment to sync secrets to. branch: type: string description: The branch to sync preview secrets to. teamId: type: string description: The ID of the Vercel team to sync secrets to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - app - appName - env - teamId additionalProperties: false - type: object properties: scope: type: string enum: - team teamId: type: string minLength: 1 description: The ID of the Vercel team to sync secrets to. teamName: type: string description: The name of the team to sync the secrets to. This is an optional field only intended for display purposes. targetEnvironments: type: array items: type: string enum: - development - preview - production default: [] description: An optional array of Vercel default environments (development, preview, production) to add shared environment variables to. applyToAllCustomEnvironments: type: boolean default: false description: Whether to apply shared environment variables to all custom environments in the team. targetProjects: type: array items: type: string description: An optional array of Vercel projects to add shared environment variables to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - teamId additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Vercel destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Vercel destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Vercel destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - vercel name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - vercel destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project app: type: string minLength: 1 description: The ID of the Vercel app to sync secrets to. appName: type: string minLength: 1 description: The name of the Vercel app to sync secrets to. env: anyOf: - type: string enum: - development - preview - production - type: string description: The ID of the Vercel environment to sync secrets to. branch: type: string description: The branch to sync preview secrets to. teamId: type: string description: The ID of the Vercel team to sync secrets to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - app - appName - env - teamId additionalProperties: false - type: object properties: scope: type: string enum: - team teamId: type: string minLength: 1 description: The ID of the Vercel team to sync secrets to. teamName: type: string description: The name of the team to sync the secrets to. This is an optional field only intended for display purposes. targetEnvironments: type: array items: type: string enum: - development - preview - production default: [] description: An optional array of Vercel default environments (development, preview, production) to add shared environment variables to. applyToAllCustomEnvironments: type: boolean default: false description: Whether to apply shared environment variables to all custom environments in the team. targetProjects: type: array items: type: string description: An optional array of Vercel projects to add shared environment variables to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - teamId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Vercel required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/vercel/{syncId}: get: operationId: getVercelSecretSync tags: - Secret Syncs description: Get the specified Vercel Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Vercel Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Vercel destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Vercel destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Vercel destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - vercel name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - vercel destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project app: type: string minLength: 1 description: The ID of the Vercel app to sync secrets to. appName: type: string minLength: 1 description: The name of the Vercel app to sync secrets to. env: anyOf: - type: string enum: - development - preview - production - type: string description: The ID of the Vercel environment to sync secrets to. branch: type: string description: The branch to sync preview secrets to. teamId: type: string description: The ID of the Vercel team to sync secrets to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - app - appName - env - teamId additionalProperties: false - type: object properties: scope: type: string enum: - team teamId: type: string minLength: 1 description: The ID of the Vercel team to sync secrets to. teamName: type: string description: The name of the team to sync the secrets to. This is an optional field only intended for display purposes. targetEnvironments: type: array items: type: string enum: - development - preview - production default: [] description: An optional array of Vercel default environments (development, preview, production) to add shared environment variables to. applyToAllCustomEnvironments: type: boolean default: false description: Whether to apply shared environment variables to all custom environments in the team. targetProjects: type: array items: type: string description: An optional array of Vercel projects to add shared environment variables to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - teamId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Vercel required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateVercelSecretSync tags: - Secret Syncs description: Update the specified Vercel Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Vercel Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Vercel Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Vercel Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Vercel destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Vercel destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Vercel destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project app: type: string minLength: 1 description: The ID of the Vercel app to sync secrets to. appName: type: string minLength: 1 description: The name of the Vercel app to sync secrets to. env: anyOf: - type: string enum: - development - preview - production - type: string description: The ID of the Vercel environment to sync secrets to. branch: type: string description: The branch to sync preview secrets to. teamId: type: string description: The ID of the Vercel team to sync secrets to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - app - appName - env - teamId additionalProperties: false - type: object properties: scope: type: string enum: - team teamId: type: string minLength: 1 description: The ID of the Vercel team to sync secrets to. teamName: type: string description: The name of the team to sync the secrets to. This is an optional field only intended for display purposes. targetEnvironments: type: array items: type: string enum: - development - preview - production default: [] description: An optional array of Vercel default environments (development, preview, production) to add shared environment variables to. applyToAllCustomEnvironments: type: boolean default: false description: Whether to apply shared environment variables to all custom environments in the team. targetProjects: type: array items: type: string description: An optional array of Vercel projects to add shared environment variables to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - teamId additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Vercel Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Vercel destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Vercel destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Vercel destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - vercel name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - vercel destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project app: type: string minLength: 1 description: The ID of the Vercel app to sync secrets to. appName: type: string minLength: 1 description: The name of the Vercel app to sync secrets to. env: anyOf: - type: string enum: - development - preview - production - type: string description: The ID of the Vercel environment to sync secrets to. branch: type: string description: The branch to sync preview secrets to. teamId: type: string description: The ID of the Vercel team to sync secrets to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - app - appName - env - teamId additionalProperties: false - type: object properties: scope: type: string enum: - team teamId: type: string minLength: 1 description: The ID of the Vercel team to sync secrets to. teamName: type: string description: The name of the team to sync the secrets to. This is an optional field only intended for display purposes. targetEnvironments: type: array items: type: string enum: - development - preview - production default: [] description: An optional array of Vercel default environments (development, preview, production) to add shared environment variables to. applyToAllCustomEnvironments: type: boolean default: false description: Whether to apply shared environment variables to all custom environments in the team. targetProjects: type: array items: type: string description: An optional array of Vercel projects to add shared environment variables to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - teamId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Vercel required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteVercelSecretSync tags: - Secret Syncs description: Delete the specified Vercel Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Vercel Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Vercel destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Vercel destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Vercel destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - vercel name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - vercel destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project app: type: string minLength: 1 description: The ID of the Vercel app to sync secrets to. appName: type: string minLength: 1 description: The name of the Vercel app to sync secrets to. env: anyOf: - type: string enum: - development - preview - production - type: string description: The ID of the Vercel environment to sync secrets to. branch: type: string description: The branch to sync preview secrets to. teamId: type: string description: The ID of the Vercel team to sync secrets to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - app - appName - env - teamId additionalProperties: false - type: object properties: scope: type: string enum: - team teamId: type: string minLength: 1 description: The ID of the Vercel team to sync secrets to. teamName: type: string description: The name of the team to sync the secrets to. This is an optional field only intended for display purposes. targetEnvironments: type: array items: type: string enum: - development - preview - production default: [] description: An optional array of Vercel default environments (development, preview, production) to add shared environment variables to. applyToAllCustomEnvironments: type: boolean default: false description: Whether to apply shared environment variables to all custom environments in the team. targetProjects: type: array items: type: string description: An optional array of Vercel projects to add shared environment variables to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - teamId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Vercel required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/vercel/sync-name/{syncName}: get: operationId: getVercelSecretSyncByName tags: - Secret Syncs description: Get the specified Vercel Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Vercel Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Vercel Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Vercel destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Vercel destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Vercel destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - vercel name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - vercel destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project app: type: string minLength: 1 description: The ID of the Vercel app to sync secrets to. appName: type: string minLength: 1 description: The name of the Vercel app to sync secrets to. env: anyOf: - type: string enum: - development - preview - production - type: string description: The ID of the Vercel environment to sync secrets to. branch: type: string description: The branch to sync preview secrets to. teamId: type: string description: The ID of the Vercel team to sync secrets to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - app - appName - env - teamId additionalProperties: false - type: object properties: scope: type: string enum: - team teamId: type: string minLength: 1 description: The ID of the Vercel team to sync secrets to. teamName: type: string description: The name of the team to sync the secrets to. This is an optional field only intended for display purposes. targetEnvironments: type: array items: type: string enum: - development - preview - production default: [] description: An optional array of Vercel default environments (development, preview, production) to add shared environment variables to. applyToAllCustomEnvironments: type: boolean default: false description: Whether to apply shared environment variables to all custom environments in the team. targetProjects: type: array items: type: string description: An optional array of Vercel projects to add shared environment variables to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - teamId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Vercel required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/vercel/{syncId}/sync-secrets: post: operationId: syncVercelSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Vercel Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Vercel Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Vercel destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Vercel destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Vercel destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - vercel name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - vercel destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project app: type: string minLength: 1 description: The ID of the Vercel app to sync secrets to. appName: type: string minLength: 1 description: The name of the Vercel app to sync secrets to. env: anyOf: - type: string enum: - development - preview - production - type: string description: The ID of the Vercel environment to sync secrets to. branch: type: string description: The branch to sync preview secrets to. teamId: type: string description: The ID of the Vercel team to sync secrets to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - app - appName - env - teamId additionalProperties: false - type: object properties: scope: type: string enum: - team teamId: type: string minLength: 1 description: The ID of the Vercel team to sync secrets to. teamName: type: string description: The name of the team to sync the secrets to. This is an optional field only intended for display purposes. targetEnvironments: type: array items: type: string enum: - development - preview - production default: [] description: An optional array of Vercel default environments (development, preview, production) to add shared environment variables to. applyToAllCustomEnvironments: type: boolean default: false description: Whether to apply shared environment variables to all custom environments in the team. targetProjects: type: array items: type: string description: An optional array of Vercel projects to add shared environment variables to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - teamId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Vercel required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/vercel/{syncId}/import-secrets: post: operationId: importVercelSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Vercel Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Vercel. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Vercel Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Vercel destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Vercel destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Vercel destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - vercel name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - vercel destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project app: type: string minLength: 1 description: The ID of the Vercel app to sync secrets to. appName: type: string minLength: 1 description: The name of the Vercel app to sync secrets to. env: anyOf: - type: string enum: - development - preview - production - type: string description: The ID of the Vercel environment to sync secrets to. branch: type: string description: The branch to sync preview secrets to. teamId: type: string description: The ID of the Vercel team to sync secrets to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - app - appName - env - teamId additionalProperties: false - type: object properties: scope: type: string enum: - team teamId: type: string minLength: 1 description: The ID of the Vercel team to sync secrets to. teamName: type: string description: The name of the team to sync the secrets to. This is an optional field only intended for display purposes. targetEnvironments: type: array items: type: string enum: - development - preview - production default: [] description: An optional array of Vercel default environments (development, preview, production) to add shared environment variables to. applyToAllCustomEnvironments: type: boolean default: false description: Whether to apply shared environment variables to all custom environments in the team. targetProjects: type: array items: type: string description: An optional array of Vercel projects to add shared environment variables to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - teamId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Vercel required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/vercel/{syncId}/remove-secrets: post: operationId: removeVercelSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Vercel Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Vercel Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Vercel destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Vercel destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Vercel destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - vercel name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - vercel destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project app: type: string minLength: 1 description: The ID of the Vercel app to sync secrets to. appName: type: string minLength: 1 description: The name of the Vercel app to sync secrets to. env: anyOf: - type: string enum: - development - preview - production - type: string description: The ID of the Vercel environment to sync secrets to. branch: type: string description: The branch to sync preview secrets to. teamId: type: string description: The ID of the Vercel team to sync secrets to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - app - appName - env - teamId additionalProperties: false - type: object properties: scope: type: string enum: - team teamId: type: string minLength: 1 description: The ID of the Vercel team to sync secrets to. teamName: type: string description: The name of the team to sync the secrets to. This is an optional field only intended for display purposes. targetEnvironments: type: array items: type: string enum: - development - preview - production default: [] description: An optional array of Vercel default environments (development, preview, production) to add shared environment variables to. applyToAllCustomEnvironments: type: boolean default: false description: Whether to apply shared environment variables to all custom environments in the team. targetProjects: type: array items: type: string description: An optional array of Vercel projects to add shared environment variables to. sensitive: type: boolean default: false description: Whether to create Vercel environment variables as Sensitive (cannot be read back). Not allowed when targeting the Development environment. required: - scope - teamId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Vercel required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/windmill: get: operationId: listWindmillSecretSyncs tags: - Secret Syncs description: List the Windmill Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Windmill Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Windmill destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Windmill destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Windmill destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - windmill name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - windmill destinationConfig: type: object properties: workspace: type: string minLength: 1 description: The Windmill workspace to sync secrets to. path: type: string minLength: 1 description: The Windmill workspace path to sync secrets to. required: - workspace - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Windmill required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createWindmillSecretSync tags: - Secret Syncs description: Create a Windmill Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Windmill Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Windmill Sync. connectionId: type: string format: uuid description: The ID of the Windmill Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Windmill destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Windmill destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Windmill destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: workspace: type: string minLength: 1 description: The Windmill workspace to sync secrets to. path: type: string minLength: 1 description: The Windmill workspace path to sync secrets to. required: - workspace - path additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Windmill destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Windmill destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Windmill destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - windmill name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - windmill destinationConfig: type: object properties: workspace: type: string minLength: 1 description: The Windmill workspace to sync secrets to. path: type: string minLength: 1 description: The Windmill workspace path to sync secrets to. required: - workspace - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Windmill required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/windmill/{syncId}: get: operationId: getWindmillSecretSync tags: - Secret Syncs description: Get the specified Windmill Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Windmill Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Windmill destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Windmill destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Windmill destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - windmill name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - windmill destinationConfig: type: object properties: workspace: type: string minLength: 1 description: The Windmill workspace to sync secrets to. path: type: string minLength: 1 description: The Windmill workspace path to sync secrets to. required: - workspace - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Windmill required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateWindmillSecretSync tags: - Secret Syncs description: Update the specified Windmill Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Windmill Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Windmill Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Windmill Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Windmill destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Windmill destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Windmill destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: workspace: type: string minLength: 1 description: The Windmill workspace to sync secrets to. path: type: string minLength: 1 description: The Windmill workspace path to sync secrets to. required: - workspace - path additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Windmill Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Windmill destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Windmill destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Windmill destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - windmill name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - windmill destinationConfig: type: object properties: workspace: type: string minLength: 1 description: The Windmill workspace to sync secrets to. path: type: string minLength: 1 description: The Windmill workspace path to sync secrets to. required: - workspace - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Windmill required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteWindmillSecretSync tags: - Secret Syncs description: Delete the specified Windmill Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Windmill Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Windmill destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Windmill destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Windmill destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - windmill name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - windmill destinationConfig: type: object properties: workspace: type: string minLength: 1 description: The Windmill workspace to sync secrets to. path: type: string minLength: 1 description: The Windmill workspace path to sync secrets to. required: - workspace - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Windmill required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/windmill/sync-name/{syncName}: get: operationId: getWindmillSecretSyncByName tags: - Secret Syncs description: Get the specified Windmill Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Windmill Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Windmill Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Windmill destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Windmill destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Windmill destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - windmill name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - windmill destinationConfig: type: object properties: workspace: type: string minLength: 1 description: The Windmill workspace to sync secrets to. path: type: string minLength: 1 description: The Windmill workspace path to sync secrets to. required: - workspace - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Windmill required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/windmill/{syncId}/sync-secrets: post: operationId: syncWindmillSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Windmill Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Windmill Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Windmill destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Windmill destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Windmill destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - windmill name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - windmill destinationConfig: type: object properties: workspace: type: string minLength: 1 description: The Windmill workspace to sync secrets to. path: type: string minLength: 1 description: The Windmill workspace path to sync secrets to. required: - workspace - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Windmill required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/windmill/{syncId}/import-secrets: post: operationId: importWindmillSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Windmill Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Windmill. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Windmill Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Windmill destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Windmill destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Windmill destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - windmill name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - windmill destinationConfig: type: object properties: workspace: type: string minLength: 1 description: The Windmill workspace to sync secrets to. path: type: string minLength: 1 description: The Windmill workspace path to sync secrets to. required: - workspace - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Windmill required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/windmill/{syncId}/remove-secrets: post: operationId: removeWindmillSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Windmill Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Windmill Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Windmill destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Windmill destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Windmill destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - windmill name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - windmill destinationConfig: type: object properties: workspace: type: string minLength: 1 description: The Windmill workspace to sync secrets to. path: type: string minLength: 1 description: The Windmill workspace path to sync secrets to. required: - workspace - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Windmill required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/hashicorp-vault: get: operationId: listHashicorpVaultSecretSyncs tags: - Secret Syncs description: List the Hashicorp Vault Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Hashicorp Vault Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Hashicorp Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Hashicorp Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Hashicorp Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - hashicorp-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - hashicorp-vault destinationConfig: type: object properties: mount: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault Secrets Engine Mount to sync secrets to. path: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault path to sync secrets to. required: - mount - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Hashicorp Vault required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createHashicorpVaultSecretSync tags: - Secret Syncs description: Create a Hashicorp Vault Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Hashicorp Vault Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Hashicorp Vault Sync. connectionId: type: string format: uuid description: The ID of the Hashicorp Vault Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Hashicorp Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Hashicorp Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Hashicorp Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: mount: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault Secrets Engine Mount to sync secrets to. path: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault path to sync secrets to. required: - mount - path additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Hashicorp Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Hashicorp Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Hashicorp Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - hashicorp-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - hashicorp-vault destinationConfig: type: object properties: mount: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault Secrets Engine Mount to sync secrets to. path: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault path to sync secrets to. required: - mount - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Hashicorp Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/hashicorp-vault/{syncId}: get: operationId: getHashicorpVaultSecretSync tags: - Secret Syncs description: Get the specified Hashicorp Vault Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Hashicorp Vault Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Hashicorp Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Hashicorp Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Hashicorp Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - hashicorp-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - hashicorp-vault destinationConfig: type: object properties: mount: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault Secrets Engine Mount to sync secrets to. path: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault path to sync secrets to. required: - mount - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Hashicorp Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateHashicorpVaultSecretSync tags: - Secret Syncs description: Update the specified Hashicorp Vault Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Hashicorp Vault Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Hashicorp Vault Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Hashicorp Vault Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Hashicorp Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Hashicorp Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Hashicorp Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: mount: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault Secrets Engine Mount to sync secrets to. path: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault path to sync secrets to. required: - mount - path additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Hashicorp Vault Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Hashicorp Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Hashicorp Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Hashicorp Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - hashicorp-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - hashicorp-vault destinationConfig: type: object properties: mount: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault Secrets Engine Mount to sync secrets to. path: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault path to sync secrets to. required: - mount - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Hashicorp Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteHashicorpVaultSecretSync tags: - Secret Syncs description: Delete the specified Hashicorp Vault Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Hashicorp Vault Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Hashicorp Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Hashicorp Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Hashicorp Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - hashicorp-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - hashicorp-vault destinationConfig: type: object properties: mount: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault Secrets Engine Mount to sync secrets to. path: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault path to sync secrets to. required: - mount - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Hashicorp Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/hashicorp-vault/sync-name/{syncName}: get: operationId: getHashicorpVaultSecretSyncByName tags: - Secret Syncs description: Get the specified Hashicorp Vault Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Hashicorp Vault Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Hashicorp Vault Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Hashicorp Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Hashicorp Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Hashicorp Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - hashicorp-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - hashicorp-vault destinationConfig: type: object properties: mount: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault Secrets Engine Mount to sync secrets to. path: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault path to sync secrets to. required: - mount - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Hashicorp Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/hashicorp-vault/{syncId}/sync-secrets: post: operationId: syncHashicorpVaultSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Hashicorp Vault Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Hashicorp Vault Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Hashicorp Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Hashicorp Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Hashicorp Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - hashicorp-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - hashicorp-vault destinationConfig: type: object properties: mount: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault Secrets Engine Mount to sync secrets to. path: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault path to sync secrets to. required: - mount - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Hashicorp Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/hashicorp-vault/{syncId}/import-secrets: post: operationId: importHashicorpVaultSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Hashicorp Vault Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Hashicorp Vault. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Hashicorp Vault Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Hashicorp Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Hashicorp Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Hashicorp Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - hashicorp-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - hashicorp-vault destinationConfig: type: object properties: mount: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault Secrets Engine Mount to sync secrets to. path: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault path to sync secrets to. required: - mount - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Hashicorp Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/hashicorp-vault/{syncId}/remove-secrets: post: operationId: removeHashicorpVaultSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Hashicorp Vault Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Hashicorp Vault Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Hashicorp Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Hashicorp Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Hashicorp Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - hashicorp-vault name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - hashicorp-vault destinationConfig: type: object properties: mount: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault Secrets Engine Mount to sync secrets to. path: type: string minLength: 1 maxLength: 128 description: The Hashicorp Vault path to sync secrets to. required: - mount - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Hashicorp Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/teamcity: get: operationId: listTeamcitySecretSyncs tags: - Secret Syncs description: List the TeamCity Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list TeamCity Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the TeamCity destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the TeamCity destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the TeamCity destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - teamcity name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - teamcity destinationConfig: type: object properties: project: type: string minLength: 1 description: The TeamCity project to sync secrets to. buildConfig: type: string description: The TeamCity build configuration to sync secrets to. required: - project additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: TeamCity required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createTeamcitySecretSync tags: - Secret Syncs description: Create a TeamCity Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the TeamCity Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the TeamCity Sync. connectionId: type: string format: uuid description: The ID of the TeamCity Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the TeamCity destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the TeamCity destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the TeamCity destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: project: type: string minLength: 1 description: The TeamCity project to sync secrets to. buildConfig: type: string description: The TeamCity build configuration to sync secrets to. required: - project additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the TeamCity destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the TeamCity destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the TeamCity destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - teamcity name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - teamcity destinationConfig: type: object properties: project: type: string minLength: 1 description: The TeamCity project to sync secrets to. buildConfig: type: string description: The TeamCity build configuration to sync secrets to. required: - project additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: TeamCity required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/teamcity/{syncId}: get: operationId: getTeamcitySecretSync tags: - Secret Syncs description: Get the specified TeamCity Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the TeamCity Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the TeamCity destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the TeamCity destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the TeamCity destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - teamcity name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - teamcity destinationConfig: type: object properties: project: type: string minLength: 1 description: The TeamCity project to sync secrets to. buildConfig: type: string description: The TeamCity build configuration to sync secrets to. required: - project additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: TeamCity required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateTeamcitySecretSync tags: - Secret Syncs description: Update the specified TeamCity Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the TeamCity Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the TeamCity Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the TeamCity Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the TeamCity destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the TeamCity destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the TeamCity destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: project: type: string minLength: 1 description: The TeamCity project to sync secrets to. buildConfig: type: string description: The TeamCity build configuration to sync secrets to. required: - project additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the TeamCity Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the TeamCity destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the TeamCity destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the TeamCity destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - teamcity name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - teamcity destinationConfig: type: object properties: project: type: string minLength: 1 description: The TeamCity project to sync secrets to. buildConfig: type: string description: The TeamCity build configuration to sync secrets to. required: - project additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: TeamCity required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteTeamcitySecretSync tags: - Secret Syncs description: Delete the specified TeamCity Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the TeamCity Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the TeamCity destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the TeamCity destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the TeamCity destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - teamcity name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - teamcity destinationConfig: type: object properties: project: type: string minLength: 1 description: The TeamCity project to sync secrets to. buildConfig: type: string description: The TeamCity build configuration to sync secrets to. required: - project additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: TeamCity required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/teamcity/sync-name/{syncName}: get: operationId: getTeamcitySecretSyncByName tags: - Secret Syncs description: Get the specified TeamCity Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the TeamCity Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the TeamCity Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the TeamCity destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the TeamCity destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the TeamCity destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - teamcity name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - teamcity destinationConfig: type: object properties: project: type: string minLength: 1 description: The TeamCity project to sync secrets to. buildConfig: type: string description: The TeamCity build configuration to sync secrets to. required: - project additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: TeamCity required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/teamcity/{syncId}/sync-secrets: post: operationId: syncTeamcitySecretSync tags: - Secret Syncs description: Trigger a sync for the specified TeamCity Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the TeamCity Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the TeamCity destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the TeamCity destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the TeamCity destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - teamcity name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - teamcity destinationConfig: type: object properties: project: type: string minLength: 1 description: The TeamCity project to sync secrets to. buildConfig: type: string description: The TeamCity build configuration to sync secrets to. required: - project additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: TeamCity required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/teamcity/{syncId}/import-secrets: post: operationId: importTeamcitySecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified TeamCity Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or TeamCity. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the TeamCity Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the TeamCity destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the TeamCity destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the TeamCity destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - teamcity name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - teamcity destinationConfig: type: object properties: project: type: string minLength: 1 description: The TeamCity project to sync secrets to. buildConfig: type: string description: The TeamCity build configuration to sync secrets to. required: - project additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: TeamCity required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/teamcity/{syncId}/remove-secrets: post: operationId: removeTeamcitySecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified TeamCity Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the TeamCity Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the TeamCity destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the TeamCity destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the TeamCity destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - teamcity name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - teamcity destinationConfig: type: object properties: project: type: string minLength: 1 description: The TeamCity project to sync secrets to. buildConfig: type: string description: The TeamCity build configuration to sync secrets to. required: - project additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: TeamCity required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/oci-vault: get: operationId: listOciVaultSecretSyncs tags: - Secret Syncs description: List the OCI Vault Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list OCI Vault Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OCI Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OCI Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OCI Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - oci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - oci-vault destinationConfig: type: object properties: compartmentOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the compartment where the vault is located. vaultOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the vault to sync secrets to. keyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the encryption key to use when creating secrets in the vault. required: - compartmentOcid - vaultOcid - keyOcid additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OCI Vault required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createOciVaultSecretSync tags: - Secret Syncs description: Create an OCI Vault Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the OCI Vault Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the OCI Vault Sync. connectionId: type: string format: uuid description: The ID of the OCI Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OCI Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OCI Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OCI Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: compartmentOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the compartment where the vault is located. vaultOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the vault to sync secrets to. keyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the encryption key to use when creating secrets in the vault. required: - compartmentOcid - vaultOcid - keyOcid additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OCI Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OCI Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OCI Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - oci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - oci-vault destinationConfig: type: object properties: compartmentOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the compartment where the vault is located. vaultOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the vault to sync secrets to. keyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the encryption key to use when creating secrets in the vault. required: - compartmentOcid - vaultOcid - keyOcid additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OCI Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/oci-vault/{syncId}: get: operationId: getOciVaultSecretSync tags: - Secret Syncs description: Get the specified OCI Vault Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the OCI Vault Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OCI Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OCI Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OCI Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - oci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - oci-vault destinationConfig: type: object properties: compartmentOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the compartment where the vault is located. vaultOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the vault to sync secrets to. keyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the encryption key to use when creating secrets in the vault. required: - compartmentOcid - vaultOcid - keyOcid additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OCI Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOciVaultSecretSync tags: - Secret Syncs description: Update the specified OCI Vault Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the OCI Vault Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the OCI Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the OCI Vault Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OCI Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OCI Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OCI Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: compartmentOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the compartment where the vault is located. vaultOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the vault to sync secrets to. keyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the encryption key to use when creating secrets in the vault. required: - compartmentOcid - vaultOcid - keyOcid additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the OCI Vault Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OCI Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OCI Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OCI Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - oci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - oci-vault destinationConfig: type: object properties: compartmentOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the compartment where the vault is located. vaultOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the vault to sync secrets to. keyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the encryption key to use when creating secrets in the vault. required: - compartmentOcid - vaultOcid - keyOcid additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OCI Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOciVaultSecretSync tags: - Secret Syncs description: Delete the specified OCI Vault Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the OCI Vault Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OCI Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OCI Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OCI Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - oci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - oci-vault destinationConfig: type: object properties: compartmentOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the compartment where the vault is located. vaultOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the vault to sync secrets to. keyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the encryption key to use when creating secrets in the vault. required: - compartmentOcid - vaultOcid - keyOcid additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OCI Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/oci-vault/sync-name/{syncName}: get: operationId: getOciVaultSecretSyncByName tags: - Secret Syncs description: Get the specified OCI Vault Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the OCI Vault Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the OCI Vault Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OCI Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OCI Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OCI Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - oci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - oci-vault destinationConfig: type: object properties: compartmentOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the compartment where the vault is located. vaultOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the vault to sync secrets to. keyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the encryption key to use when creating secrets in the vault. required: - compartmentOcid - vaultOcid - keyOcid additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OCI Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/oci-vault/{syncId}/sync-secrets: post: operationId: syncOciVaultSecretSync tags: - Secret Syncs description: Trigger a sync for the specified OCI Vault Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the OCI Vault Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OCI Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OCI Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OCI Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - oci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - oci-vault destinationConfig: type: object properties: compartmentOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the compartment where the vault is located. vaultOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the vault to sync secrets to. keyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the encryption key to use when creating secrets in the vault. required: - compartmentOcid - vaultOcid - keyOcid additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OCI Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/oci-vault/{syncId}/import-secrets: post: operationId: importOciVaultSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified OCI Vault Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or OCI Vault. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the OCI Vault Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OCI Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OCI Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OCI Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - oci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - oci-vault destinationConfig: type: object properties: compartmentOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the compartment where the vault is located. vaultOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the vault to sync secrets to. keyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the encryption key to use when creating secrets in the vault. required: - compartmentOcid - vaultOcid - keyOcid additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OCI Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/oci-vault/{syncId}/remove-secrets: post: operationId: removeOciVaultSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified OCI Vault Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the OCI Vault Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OCI Vault destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OCI Vault destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OCI Vault destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - oci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - oci-vault destinationConfig: type: object properties: compartmentOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the compartment where the vault is located. vaultOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the vault to sync secrets to. keyOcid: type: string minLength: 1 description: The OCID (Oracle Cloud Identifier) of the encryption key to use when creating secrets in the vault. required: - compartmentOcid - vaultOcid - keyOcid additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OCI Vault required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/1password: get: operationId: listOnePasswordSecretSyncs tags: - Secret Syncs description: List the 1Password Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list 1Password Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the 1Password destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the 1Password destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the 1Password destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - 1password name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - 1password destinationConfig: type: object properties: vaultId: type: string minLength: 1 description: The ID of the 1Password vault to sync secrets to. valueLabel: type: string description: The label of the entry that holds the secret value. required: - vaultId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: 1Password required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createOnePasswordSecretSync tags: - Secret Syncs description: Create a 1Password Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the 1Password Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the 1Password Sync. connectionId: type: string format: uuid description: The ID of the 1Password Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the 1Password destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the 1Password destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the 1Password destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: vaultId: type: string minLength: 1 description: The ID of the 1Password vault to sync secrets to. valueLabel: type: string description: The label of the entry that holds the secret value. required: - vaultId additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the 1Password destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the 1Password destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the 1Password destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - 1password name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - 1password destinationConfig: type: object properties: vaultId: type: string minLength: 1 description: The ID of the 1Password vault to sync secrets to. valueLabel: type: string description: The label of the entry that holds the secret value. required: - vaultId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: 1Password required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/1password/{syncId}: get: operationId: getOnePasswordSecretSync tags: - Secret Syncs description: Get the specified 1Password Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the 1Password Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the 1Password destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the 1Password destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the 1Password destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - 1password name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - 1password destinationConfig: type: object properties: vaultId: type: string minLength: 1 description: The ID of the 1Password vault to sync secrets to. valueLabel: type: string description: The label of the entry that holds the secret value. required: - vaultId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: 1Password required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOnePasswordSecretSync tags: - Secret Syncs description: Update the specified 1Password Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the 1Password Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the 1Password Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the 1Password Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the 1Password destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the 1Password destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the 1Password destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: vaultId: type: string minLength: 1 description: The ID of the 1Password vault to sync secrets to. valueLabel: type: string description: The label of the entry that holds the secret value. required: - vaultId additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the 1Password Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the 1Password destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the 1Password destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the 1Password destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - 1password name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - 1password destinationConfig: type: object properties: vaultId: type: string minLength: 1 description: The ID of the 1Password vault to sync secrets to. valueLabel: type: string description: The label of the entry that holds the secret value. required: - vaultId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: 1Password required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOnePasswordSecretSync tags: - Secret Syncs description: Delete the specified 1Password Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the 1Password Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the 1Password destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the 1Password destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the 1Password destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - 1password name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - 1password destinationConfig: type: object properties: vaultId: type: string minLength: 1 description: The ID of the 1Password vault to sync secrets to. valueLabel: type: string description: The label of the entry that holds the secret value. required: - vaultId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: 1Password required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/1password/sync-name/{syncName}: get: operationId: getOnePasswordSecretSyncByName tags: - Secret Syncs description: Get the specified 1Password Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the 1Password Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the 1Password Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the 1Password destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the 1Password destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the 1Password destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - 1password name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - 1password destinationConfig: type: object properties: vaultId: type: string minLength: 1 description: The ID of the 1Password vault to sync secrets to. valueLabel: type: string description: The label of the entry that holds the secret value. required: - vaultId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: 1Password required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/1password/{syncId}/sync-secrets: post: operationId: syncOnePasswordSecretSync tags: - Secret Syncs description: Trigger a sync for the specified 1Password Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the 1Password Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the 1Password destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the 1Password destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the 1Password destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - 1password name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - 1password destinationConfig: type: object properties: vaultId: type: string minLength: 1 description: The ID of the 1Password vault to sync secrets to. valueLabel: type: string description: The label of the entry that holds the secret value. required: - vaultId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: 1Password required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/1password/{syncId}/import-secrets: post: operationId: importOnePasswordSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified 1Password Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or 1Password. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the 1Password Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the 1Password destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the 1Password destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the 1Password destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - 1password name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - 1password destinationConfig: type: object properties: vaultId: type: string minLength: 1 description: The ID of the 1Password vault to sync secrets to. valueLabel: type: string description: The label of the entry that holds the secret value. required: - vaultId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: 1Password required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/1password/{syncId}/remove-secrets: post: operationId: removeOnePasswordSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified 1Password Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the 1Password Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the 1Password destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the 1Password destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the 1Password destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - 1password name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - 1password destinationConfig: type: object properties: vaultId: type: string minLength: 1 description: The ID of the 1Password vault to sync secrets to. valueLabel: type: string description: The label of the entry that holds the secret value. required: - vaultId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: 1Password required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/heroku: get: operationId: listHerokuSecretSyncs tags: - Secret Syncs description: List the Heroku Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Heroku Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Heroku destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Heroku destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Heroku destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - heroku name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - heroku destinationConfig: type: object properties: app: type: string minLength: 1 description: The ID of the Heroku app to sync secrets to. appName: type: string minLength: 1 description: The name of the Heroku app to sync secrets to. required: - app - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Heroku required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createHerokuSecretSync tags: - Secret Syncs description: Create a Heroku Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Heroku Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Heroku Sync. connectionId: type: string format: uuid description: The ID of the Heroku Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Heroku destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Heroku destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Heroku destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: app: type: string minLength: 1 description: The ID of the Heroku app to sync secrets to. appName: type: string minLength: 1 description: The name of the Heroku app to sync secrets to. required: - app - appName additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Heroku destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Heroku destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Heroku destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - heroku name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - heroku destinationConfig: type: object properties: app: type: string minLength: 1 description: The ID of the Heroku app to sync secrets to. appName: type: string minLength: 1 description: The name of the Heroku app to sync secrets to. required: - app - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Heroku required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/heroku/{syncId}: get: operationId: getHerokuSecretSync tags: - Secret Syncs description: Get the specified Heroku Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Heroku Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Heroku destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Heroku destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Heroku destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - heroku name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - heroku destinationConfig: type: object properties: app: type: string minLength: 1 description: The ID of the Heroku app to sync secrets to. appName: type: string minLength: 1 description: The name of the Heroku app to sync secrets to. required: - app - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Heroku required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateHerokuSecretSync tags: - Secret Syncs description: Update the specified Heroku Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Heroku Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Heroku Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Heroku Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Heroku destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Heroku destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Heroku destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: app: type: string minLength: 1 description: The ID of the Heroku app to sync secrets to. appName: type: string minLength: 1 description: The name of the Heroku app to sync secrets to. required: - app - appName additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Heroku Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Heroku destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Heroku destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Heroku destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - heroku name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - heroku destinationConfig: type: object properties: app: type: string minLength: 1 description: The ID of the Heroku app to sync secrets to. appName: type: string minLength: 1 description: The name of the Heroku app to sync secrets to. required: - app - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Heroku required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteHerokuSecretSync tags: - Secret Syncs description: Delete the specified Heroku Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Heroku Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Heroku destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Heroku destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Heroku destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - heroku name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - heroku destinationConfig: type: object properties: app: type: string minLength: 1 description: The ID of the Heroku app to sync secrets to. appName: type: string minLength: 1 description: The name of the Heroku app to sync secrets to. required: - app - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Heroku required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/heroku/sync-name/{syncName}: get: operationId: getHerokuSecretSyncByName tags: - Secret Syncs description: Get the specified Heroku Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Heroku Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Heroku Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Heroku destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Heroku destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Heroku destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - heroku name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - heroku destinationConfig: type: object properties: app: type: string minLength: 1 description: The ID of the Heroku app to sync secrets to. appName: type: string minLength: 1 description: The name of the Heroku app to sync secrets to. required: - app - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Heroku required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/heroku/{syncId}/sync-secrets: post: operationId: syncHerokuSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Heroku Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Heroku Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Heroku destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Heroku destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Heroku destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - heroku name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - heroku destinationConfig: type: object properties: app: type: string minLength: 1 description: The ID of the Heroku app to sync secrets to. appName: type: string minLength: 1 description: The name of the Heroku app to sync secrets to. required: - app - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Heroku required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/heroku/{syncId}/import-secrets: post: operationId: importHerokuSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Heroku Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Heroku. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Heroku Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Heroku destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Heroku destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Heroku destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - heroku name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - heroku destinationConfig: type: object properties: app: type: string minLength: 1 description: The ID of the Heroku app to sync secrets to. appName: type: string minLength: 1 description: The name of the Heroku app to sync secrets to. required: - app - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Heroku required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/heroku/{syncId}/remove-secrets: post: operationId: removeHerokuSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Heroku Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Heroku Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Heroku destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Heroku destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Heroku destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - heroku name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - heroku destinationConfig: type: object properties: app: type: string minLength: 1 description: The ID of the Heroku app to sync secrets to. appName: type: string minLength: 1 description: The name of the Heroku app to sync secrets to. required: - app - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Heroku required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/render: get: operationId: listRenderSecretSyncs tags: - Secret Syncs description: List the Render Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Render Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Render destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Render destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Render destination when syncing. autoRedeployServices: type: boolean description: Whether Infisical should automatically redeploy the configured Render service upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - render name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - render destinationConfig: anyOf: - type: object properties: scope: type: string enum: - service description: The Render scope that secrets should be synced to. serviceId: type: string minLength: 1 description: The ID of the Render service to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - serviceId - type additionalProperties: false - type: object properties: scope: type: string enum: - environment-group description: The Render scope that secrets should be synced to. environmentGroupId: type: string minLength: 1 description: The ID of the Render environment group to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - environmentGroupId - type additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Render required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createRenderSecretSync tags: - Secret Syncs description: Create a Render Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Render Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Render Sync. connectionId: type: string format: uuid description: The ID of the Render Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Render destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Render destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Render destination when syncing. autoRedeployServices: type: boolean description: Whether Infisical should automatically redeploy the configured Render service upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: anyOf: - type: object properties: scope: type: string enum: - service description: The Render scope that secrets should be synced to. serviceId: type: string minLength: 1 description: The ID of the Render service to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - serviceId - type additionalProperties: false - type: object properties: scope: type: string enum: - environment-group description: The Render scope that secrets should be synced to. environmentGroupId: type: string minLength: 1 description: The ID of the Render environment group to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - environmentGroupId - type additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Render destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Render destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Render destination when syncing. autoRedeployServices: type: boolean description: Whether Infisical should automatically redeploy the configured Render service upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - render name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - render destinationConfig: anyOf: - type: object properties: scope: type: string enum: - service description: The Render scope that secrets should be synced to. serviceId: type: string minLength: 1 description: The ID of the Render service to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - serviceId - type additionalProperties: false - type: object properties: scope: type: string enum: - environment-group description: The Render scope that secrets should be synced to. environmentGroupId: type: string minLength: 1 description: The ID of the Render environment group to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - environmentGroupId - type additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Render required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/render/{syncId}: get: operationId: getRenderSecretSync tags: - Secret Syncs description: Get the specified Render Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Render Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Render destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Render destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Render destination when syncing. autoRedeployServices: type: boolean description: Whether Infisical should automatically redeploy the configured Render service upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - render name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - render destinationConfig: anyOf: - type: object properties: scope: type: string enum: - service description: The Render scope that secrets should be synced to. serviceId: type: string minLength: 1 description: The ID of the Render service to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - serviceId - type additionalProperties: false - type: object properties: scope: type: string enum: - environment-group description: The Render scope that secrets should be synced to. environmentGroupId: type: string minLength: 1 description: The ID of the Render environment group to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - environmentGroupId - type additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Render required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateRenderSecretSync tags: - Secret Syncs description: Update the specified Render Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Render Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Render Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Render Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Render destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Render destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Render destination when syncing. autoRedeployServices: type: boolean description: Whether Infisical should automatically redeploy the configured Render service upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: anyOf: - type: object properties: scope: type: string enum: - service description: The Render scope that secrets should be synced to. serviceId: type: string minLength: 1 description: The ID of the Render service to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - serviceId - type additionalProperties: false - type: object properties: scope: type: string enum: - environment-group description: The Render scope that secrets should be synced to. environmentGroupId: type: string minLength: 1 description: The ID of the Render environment group to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - environmentGroupId - type additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Render Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Render destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Render destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Render destination when syncing. autoRedeployServices: type: boolean description: Whether Infisical should automatically redeploy the configured Render service upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - render name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - render destinationConfig: anyOf: - type: object properties: scope: type: string enum: - service description: The Render scope that secrets should be synced to. serviceId: type: string minLength: 1 description: The ID of the Render service to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - serviceId - type additionalProperties: false - type: object properties: scope: type: string enum: - environment-group description: The Render scope that secrets should be synced to. environmentGroupId: type: string minLength: 1 description: The ID of the Render environment group to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - environmentGroupId - type additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Render required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteRenderSecretSync tags: - Secret Syncs description: Delete the specified Render Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Render Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Render destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Render destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Render destination when syncing. autoRedeployServices: type: boolean description: Whether Infisical should automatically redeploy the configured Render service upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - render name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - render destinationConfig: anyOf: - type: object properties: scope: type: string enum: - service description: The Render scope that secrets should be synced to. serviceId: type: string minLength: 1 description: The ID of the Render service to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - serviceId - type additionalProperties: false - type: object properties: scope: type: string enum: - environment-group description: The Render scope that secrets should be synced to. environmentGroupId: type: string minLength: 1 description: The ID of the Render environment group to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - environmentGroupId - type additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Render required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/render/sync-name/{syncName}: get: operationId: getRenderSecretSyncByName tags: - Secret Syncs description: Get the specified Render Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Render Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Render Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Render destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Render destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Render destination when syncing. autoRedeployServices: type: boolean description: Whether Infisical should automatically redeploy the configured Render service upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - render name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - render destinationConfig: anyOf: - type: object properties: scope: type: string enum: - service description: The Render scope that secrets should be synced to. serviceId: type: string minLength: 1 description: The ID of the Render service to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - serviceId - type additionalProperties: false - type: object properties: scope: type: string enum: - environment-group description: The Render scope that secrets should be synced to. environmentGroupId: type: string minLength: 1 description: The ID of the Render environment group to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - environmentGroupId - type additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Render required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/render/{syncId}/sync-secrets: post: operationId: syncRenderSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Render Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Render Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Render destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Render destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Render destination when syncing. autoRedeployServices: type: boolean description: Whether Infisical should automatically redeploy the configured Render service upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - render name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - render destinationConfig: anyOf: - type: object properties: scope: type: string enum: - service description: The Render scope that secrets should be synced to. serviceId: type: string minLength: 1 description: The ID of the Render service to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - serviceId - type additionalProperties: false - type: object properties: scope: type: string enum: - environment-group description: The Render scope that secrets should be synced to. environmentGroupId: type: string minLength: 1 description: The ID of the Render environment group to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - environmentGroupId - type additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Render required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/render/{syncId}/import-secrets: post: operationId: importRenderSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Render Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Render. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Render Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Render destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Render destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Render destination when syncing. autoRedeployServices: type: boolean description: Whether Infisical should automatically redeploy the configured Render service upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - render name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - render destinationConfig: anyOf: - type: object properties: scope: type: string enum: - service description: The Render scope that secrets should be synced to. serviceId: type: string minLength: 1 description: The ID of the Render service to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - serviceId - type additionalProperties: false - type: object properties: scope: type: string enum: - environment-group description: The Render scope that secrets should be synced to. environmentGroupId: type: string minLength: 1 description: The ID of the Render environment group to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - environmentGroupId - type additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Render required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/render/{syncId}/remove-secrets: post: operationId: removeRenderSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Render Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Render Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Render destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Render destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Render destination when syncing. autoRedeployServices: type: boolean description: Whether Infisical should automatically redeploy the configured Render service upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - render name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - render destinationConfig: anyOf: - type: object properties: scope: type: string enum: - service description: The Render scope that secrets should be synced to. serviceId: type: string minLength: 1 description: The ID of the Render service to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - serviceId - type additionalProperties: false - type: object properties: scope: type: string enum: - environment-group description: The Render scope that secrets should be synced to. environmentGroupId: type: string minLength: 1 description: The ID of the Render environment group to sync secrets to. type: type: string enum: - env - file description: The Render resource type to sync secrets to. required: - scope - environmentGroupId - type additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Render required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/flyio: get: operationId: listFlyioSecretSyncs tags: - Secret Syncs description: List the Fly.io Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Fly.io Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Fly.io destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Fly.io destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Fly.io destination when syncing. autoRedeploy: type: boolean description: Whether Infisical should automatically redeploy the configured Fly.io app upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - flyio name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - flyio destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 description: The ID of the Fly.io app to sync secrets to. required: - appId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Fly.io required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createFlyioSecretSync tags: - Secret Syncs description: Create a Fly.io Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Fly.io Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Fly.io Sync. connectionId: type: string format: uuid description: The ID of the Fly.io Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Fly.io destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Fly.io destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Fly.io destination when syncing. autoRedeploy: type: boolean description: Whether Infisical should automatically redeploy the configured Fly.io app upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 description: The ID of the Fly.io app to sync secrets to. required: - appId additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Fly.io destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Fly.io destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Fly.io destination when syncing. autoRedeploy: type: boolean description: Whether Infisical should automatically redeploy the configured Fly.io app upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - flyio name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - flyio destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 description: The ID of the Fly.io app to sync secrets to. required: - appId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Fly.io required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/flyio/{syncId}: get: operationId: getFlyioSecretSync tags: - Secret Syncs description: Get the specified Fly.io Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Fly.io Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Fly.io destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Fly.io destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Fly.io destination when syncing. autoRedeploy: type: boolean description: Whether Infisical should automatically redeploy the configured Fly.io app upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - flyio name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - flyio destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 description: The ID of the Fly.io app to sync secrets to. required: - appId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Fly.io required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateFlyioSecretSync tags: - Secret Syncs description: Update the specified Fly.io Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Fly.io Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Fly.io Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Fly.io Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Fly.io destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Fly.io destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Fly.io destination when syncing. autoRedeploy: type: boolean description: Whether Infisical should automatically redeploy the configured Fly.io app upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 description: The ID of the Fly.io app to sync secrets to. required: - appId additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Fly.io Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Fly.io destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Fly.io destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Fly.io destination when syncing. autoRedeploy: type: boolean description: Whether Infisical should automatically redeploy the configured Fly.io app upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - flyio name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - flyio destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 description: The ID of the Fly.io app to sync secrets to. required: - appId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Fly.io required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteFlyioSecretSync tags: - Secret Syncs description: Delete the specified Fly.io Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Fly.io Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Fly.io destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Fly.io destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Fly.io destination when syncing. autoRedeploy: type: boolean description: Whether Infisical should automatically redeploy the configured Fly.io app upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - flyio name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - flyio destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 description: The ID of the Fly.io app to sync secrets to. required: - appId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Fly.io required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/flyio/sync-name/{syncName}: get: operationId: getFlyioSecretSyncByName tags: - Secret Syncs description: Get the specified Fly.io Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Fly.io Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Fly.io Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Fly.io destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Fly.io destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Fly.io destination when syncing. autoRedeploy: type: boolean description: Whether Infisical should automatically redeploy the configured Fly.io app upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - flyio name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - flyio destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 description: The ID of the Fly.io app to sync secrets to. required: - appId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Fly.io required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/flyio/{syncId}/sync-secrets: post: operationId: syncFlyioSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Fly.io Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Fly.io Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Fly.io destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Fly.io destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Fly.io destination when syncing. autoRedeploy: type: boolean description: Whether Infisical should automatically redeploy the configured Fly.io app upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - flyio name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - flyio destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 description: The ID of the Fly.io app to sync secrets to. required: - appId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Fly.io required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/flyio/{syncId}/import-secrets: post: operationId: importFlyioSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Fly.io Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Fly.io. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Fly.io Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Fly.io destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Fly.io destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Fly.io destination when syncing. autoRedeploy: type: boolean description: Whether Infisical should automatically redeploy the configured Fly.io app upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - flyio name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - flyio destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 description: The ID of the Fly.io app to sync secrets to. required: - appId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Fly.io required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/flyio/{syncId}/remove-secrets: post: operationId: removeFlyioSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Fly.io Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Fly.io Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Fly.io destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Fly.io destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Fly.io destination when syncing. autoRedeploy: type: boolean description: Whether Infisical should automatically redeploy the configured Fly.io app upon secret changes. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - flyio name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - flyio destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 description: The ID of the Fly.io app to sync secrets to. required: - appId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Fly.io required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/gitlab: get: operationId: listGitLabSecretSyncs tags: - Secret Syncs description: List the GitLab Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list GitLab Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitLab destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitLab destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitLab destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gitlab destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project description: 'The GitLab scope that secrets should be synced to. (default: project)' projectId: type: string minLength: 1 description: The GitLab Project ID to sync secrets to. projectName: type: string minLength: 1 description: The GitLab Project Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - projectId - projectName additionalProperties: false - type: object properties: scope: type: string enum: - group description: 'The GitLab scope that secrets should be synced to. (default: project)' groupId: type: string minLength: 1 description: The GitLab Group ID to sync secrets to. groupName: type: string minLength: 1 description: The GitLab Group Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - groupId - groupName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitLab required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createGitLabSecretSync tags: - Secret Syncs description: Create a GitLab Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the GitLab Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the GitLab Sync. connectionId: type: string format: uuid description: The ID of the GitLab Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitLab destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitLab destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitLab destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project description: 'The GitLab scope that secrets should be synced to. (default: project)' projectId: type: string minLength: 1 description: The GitLab Project ID to sync secrets to. projectName: type: string minLength: 1 description: The GitLab Project Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - projectId - projectName additionalProperties: false - type: object properties: scope: type: string enum: - group description: 'The GitLab scope that secrets should be synced to. (default: project)' groupId: type: string minLength: 1 description: The GitLab Group ID to sync secrets to. groupName: type: string minLength: 1 description: The GitLab Group Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - groupId - groupName additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitLab destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitLab destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitLab destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gitlab destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project description: 'The GitLab scope that secrets should be synced to. (default: project)' projectId: type: string minLength: 1 description: The GitLab Project ID to sync secrets to. projectName: type: string minLength: 1 description: The GitLab Project Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - projectId - projectName additionalProperties: false - type: object properties: scope: type: string enum: - group description: 'The GitLab scope that secrets should be synced to. (default: project)' groupId: type: string minLength: 1 description: The GitLab Group ID to sync secrets to. groupName: type: string minLength: 1 description: The GitLab Group Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - groupId - groupName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitLab required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/gitlab/{syncId}: get: operationId: getGitLabSecretSync tags: - Secret Syncs description: Get the specified GitLab Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GitLab Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitLab destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitLab destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitLab destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gitlab destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project description: 'The GitLab scope that secrets should be synced to. (default: project)' projectId: type: string minLength: 1 description: The GitLab Project ID to sync secrets to. projectName: type: string minLength: 1 description: The GitLab Project Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - projectId - projectName additionalProperties: false - type: object properties: scope: type: string enum: - group description: 'The GitLab scope that secrets should be synced to. (default: project)' groupId: type: string minLength: 1 description: The GitLab Group ID to sync secrets to. groupName: type: string minLength: 1 description: The GitLab Group Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - groupId - groupName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitLab required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateGitLabSecretSync tags: - Secret Syncs description: Update the specified GitLab Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the GitLab Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the GitLab Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the GitLab Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitLab destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitLab destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitLab destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project description: 'The GitLab scope that secrets should be synced to. (default: project)' projectId: type: string minLength: 1 description: The GitLab Project ID to sync secrets to. projectName: type: string minLength: 1 description: The GitLab Project Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - projectId - projectName additionalProperties: false - type: object properties: scope: type: string enum: - group description: 'The GitLab scope that secrets should be synced to. (default: project)' groupId: type: string minLength: 1 description: The GitLab Group ID to sync secrets to. groupName: type: string minLength: 1 description: The GitLab Group Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - groupId - groupName additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GitLab Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitLab destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitLab destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitLab destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gitlab destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project description: 'The GitLab scope that secrets should be synced to. (default: project)' projectId: type: string minLength: 1 description: The GitLab Project ID to sync secrets to. projectName: type: string minLength: 1 description: The GitLab Project Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - projectId - projectName additionalProperties: false - type: object properties: scope: type: string enum: - group description: 'The GitLab scope that secrets should be synced to. (default: project)' groupId: type: string minLength: 1 description: The GitLab Group ID to sync secrets to. groupName: type: string minLength: 1 description: The GitLab Group Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - groupId - groupName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitLab required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteGitLabSecretSync tags: - Secret Syncs description: Delete the specified GitLab Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GitLab Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitLab destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitLab destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitLab destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gitlab destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project description: 'The GitLab scope that secrets should be synced to. (default: project)' projectId: type: string minLength: 1 description: The GitLab Project ID to sync secrets to. projectName: type: string minLength: 1 description: The GitLab Project Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - projectId - projectName additionalProperties: false - type: object properties: scope: type: string enum: - group description: 'The GitLab scope that secrets should be synced to. (default: project)' groupId: type: string minLength: 1 description: The GitLab Group ID to sync secrets to. groupName: type: string minLength: 1 description: The GitLab Group Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - groupId - groupName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitLab required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/gitlab/sync-name/{syncName}: get: operationId: getGitLabSecretSyncByName tags: - Secret Syncs description: Get the specified GitLab Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the GitLab Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the GitLab Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitLab destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitLab destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitLab destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gitlab destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project description: 'The GitLab scope that secrets should be synced to. (default: project)' projectId: type: string minLength: 1 description: The GitLab Project ID to sync secrets to. projectName: type: string minLength: 1 description: The GitLab Project Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - projectId - projectName additionalProperties: false - type: object properties: scope: type: string enum: - group description: 'The GitLab scope that secrets should be synced to. (default: project)' groupId: type: string minLength: 1 description: The GitLab Group ID to sync secrets to. groupName: type: string minLength: 1 description: The GitLab Group Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - groupId - groupName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitLab required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/gitlab/{syncId}/sync-secrets: post: operationId: syncGitLabSecretSync tags: - Secret Syncs description: Trigger a sync for the specified GitLab Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GitLab Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitLab destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitLab destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitLab destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gitlab destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project description: 'The GitLab scope that secrets should be synced to. (default: project)' projectId: type: string minLength: 1 description: The GitLab Project ID to sync secrets to. projectName: type: string minLength: 1 description: The GitLab Project Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - projectId - projectName additionalProperties: false - type: object properties: scope: type: string enum: - group description: 'The GitLab scope that secrets should be synced to. (default: project)' groupId: type: string minLength: 1 description: The GitLab Group ID to sync secrets to. groupName: type: string minLength: 1 description: The GitLab Group Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - groupId - groupName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitLab required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/gitlab/{syncId}/import-secrets: post: operationId: importGitLabSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified GitLab Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or GitLab. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GitLab Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitLab destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitLab destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitLab destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gitlab destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project description: 'The GitLab scope that secrets should be synced to. (default: project)' projectId: type: string minLength: 1 description: The GitLab Project ID to sync secrets to. projectName: type: string minLength: 1 description: The GitLab Project Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - projectId - projectName additionalProperties: false - type: object properties: scope: type: string enum: - group description: 'The GitLab scope that secrets should be synced to. (default: project)' groupId: type: string minLength: 1 description: The GitLab Group ID to sync secrets to. groupName: type: string minLength: 1 description: The GitLab Group Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - groupId - groupName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitLab required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/gitlab/{syncId}/remove-secrets: post: operationId: removeGitLabSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified GitLab Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the GitLab Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the GitLab destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the GitLab destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the GitLab destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - gitlab destinationConfig: anyOf: - type: object properties: scope: type: string enum: - project description: 'The GitLab scope that secrets should be synced to. (default: project)' projectId: type: string minLength: 1 description: The GitLab Project ID to sync secrets to. projectName: type: string minLength: 1 description: The GitLab Project Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - projectId - projectName additionalProperties: false - type: object properties: scope: type: string enum: - group description: 'The GitLab scope that secrets should be synced to. (default: project)' groupId: type: string minLength: 1 description: The GitLab Group ID to sync secrets to. groupName: type: string minLength: 1 description: The GitLab Group Name to sync secrets to. targetEnvironment: type: string default: '*' description: 'The GitLab environment scope that secrets should be synced to. (default: *)' shouldProtectSecrets: type: boolean default: false description: Whether variables should be protected shouldMaskSecrets: type: boolean default: false description: Whether variables should be masked in logs shouldHideSecrets: type: boolean default: false description: Whether variables should be hidden required: - scope - groupId - groupName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: GitLab required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/cloudflare-pages: get: operationId: listCloudflarePagesSecretSyncs tags: - Secret Syncs description: List the Cloudflare Pages Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Cloudflare Pages Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Pages destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Pages destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Pages destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-pages destinationConfig: type: object properties: projectName: type: string minLength: 1 description: The name of the Cloudflare Pages project to sync secrets to. environment: type: string minLength: 1 description: The environment of the Cloudflare Pages project to sync secrets to. required: - projectName - environment additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Pages required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createCloudflarePagesSecretSync tags: - Secret Syncs description: Create a Cloudflare Pages Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Cloudflare Pages Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Cloudflare Pages Sync. connectionId: type: string format: uuid description: The ID of the Cloudflare Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Pages destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Pages destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Pages destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: projectName: type: string minLength: 1 description: The name of the Cloudflare Pages project to sync secrets to. environment: type: string minLength: 1 description: The environment of the Cloudflare Pages project to sync secrets to. required: - projectName - environment additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Pages destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Pages destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Pages destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-pages destinationConfig: type: object properties: projectName: type: string minLength: 1 description: The name of the Cloudflare Pages project to sync secrets to. environment: type: string minLength: 1 description: The environment of the Cloudflare Pages project to sync secrets to. required: - projectName - environment additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Pages required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/cloudflare-pages/{syncId}: get: operationId: getCloudflarePagesSecretSync tags: - Secret Syncs description: Get the specified Cloudflare Pages Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Cloudflare Pages Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Pages destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Pages destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Pages destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-pages destinationConfig: type: object properties: projectName: type: string minLength: 1 description: The name of the Cloudflare Pages project to sync secrets to. environment: type: string minLength: 1 description: The environment of the Cloudflare Pages project to sync secrets to. required: - projectName - environment additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Pages required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateCloudflarePagesSecretSync tags: - Secret Syncs description: Update the specified Cloudflare Pages Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Cloudflare Pages Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Cloudflare Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Cloudflare Pages Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Pages destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Pages destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Pages destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: projectName: type: string minLength: 1 description: The name of the Cloudflare Pages project to sync secrets to. environment: type: string minLength: 1 description: The environment of the Cloudflare Pages project to sync secrets to. required: - projectName - environment additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Cloudflare Pages Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Pages destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Pages destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Pages destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-pages destinationConfig: type: object properties: projectName: type: string minLength: 1 description: The name of the Cloudflare Pages project to sync secrets to. environment: type: string minLength: 1 description: The environment of the Cloudflare Pages project to sync secrets to. required: - projectName - environment additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Pages required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteCloudflarePagesSecretSync tags: - Secret Syncs description: Delete the specified Cloudflare Pages Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Cloudflare Pages Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Pages destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Pages destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Pages destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-pages destinationConfig: type: object properties: projectName: type: string minLength: 1 description: The name of the Cloudflare Pages project to sync secrets to. environment: type: string minLength: 1 description: The environment of the Cloudflare Pages project to sync secrets to. required: - projectName - environment additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Pages required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/cloudflare-pages/sync-name/{syncName}: get: operationId: getCloudflarePagesSecretSyncByName tags: - Secret Syncs description: Get the specified Cloudflare Pages Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Cloudflare Pages Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Cloudflare Pages Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Pages destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Pages destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Pages destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-pages destinationConfig: type: object properties: projectName: type: string minLength: 1 description: The name of the Cloudflare Pages project to sync secrets to. environment: type: string minLength: 1 description: The environment of the Cloudflare Pages project to sync secrets to. required: - projectName - environment additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Pages required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/cloudflare-pages/{syncId}/sync-secrets: post: operationId: syncCloudflarePagesSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Cloudflare Pages Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Cloudflare Pages Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Pages destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Pages destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Pages destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-pages destinationConfig: type: object properties: projectName: type: string minLength: 1 description: The name of the Cloudflare Pages project to sync secrets to. environment: type: string minLength: 1 description: The environment of the Cloudflare Pages project to sync secrets to. required: - projectName - environment additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Pages required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/cloudflare-pages/{syncId}/import-secrets: post: operationId: importCloudflarePagesSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Cloudflare Pages Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Cloudflare Pages. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Cloudflare Pages Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Pages destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Pages destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Pages destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-pages destinationConfig: type: object properties: projectName: type: string minLength: 1 description: The name of the Cloudflare Pages project to sync secrets to. environment: type: string minLength: 1 description: The environment of the Cloudflare Pages project to sync secrets to. required: - projectName - environment additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Pages required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/cloudflare-pages/{syncId}/remove-secrets: post: operationId: removeCloudflarePagesSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Cloudflare Pages Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Cloudflare Pages Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Pages destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Pages destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Pages destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-pages destinationConfig: type: object properties: projectName: type: string minLength: 1 description: The name of the Cloudflare Pages project to sync secrets to. environment: type: string minLength: 1 description: The environment of the Cloudflare Pages project to sync secrets to. required: - projectName - environment additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Pages required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/cloudflare-workers: get: operationId: listCloudflareWorkersSecretSyncs tags: - Secret Syncs description: List the Cloudflare Workers Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Cloudflare Workers Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Workers destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Workers destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Workers destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-workers destinationConfig: type: object properties: scriptId: type: string minLength: 1 maxLength: 64 description: The ID of the Cloudflare Workers script to sync secrets to. required: - scriptId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Workers required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createCloudflareWorkersSecretSync tags: - Secret Syncs description: Create a Cloudflare Workers Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Cloudflare Workers Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Cloudflare Workers Sync. connectionId: type: string format: uuid description: The ID of the Cloudflare Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Workers destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Workers destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Workers destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: scriptId: type: string minLength: 1 maxLength: 64 description: The ID of the Cloudflare Workers script to sync secrets to. required: - scriptId additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Workers destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Workers destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Workers destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-workers destinationConfig: type: object properties: scriptId: type: string minLength: 1 maxLength: 64 description: The ID of the Cloudflare Workers script to sync secrets to. required: - scriptId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Workers required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/cloudflare-workers/{syncId}: get: operationId: getCloudflareWorkersSecretSync tags: - Secret Syncs description: Get the specified Cloudflare Workers Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Cloudflare Workers Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Workers destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Workers destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Workers destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-workers destinationConfig: type: object properties: scriptId: type: string minLength: 1 maxLength: 64 description: The ID of the Cloudflare Workers script to sync secrets to. required: - scriptId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Workers required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateCloudflareWorkersSecretSync tags: - Secret Syncs description: Update the specified Cloudflare Workers Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Cloudflare Workers Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Cloudflare Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Cloudflare Workers Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Workers destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Workers destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Workers destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: scriptId: type: string minLength: 1 maxLength: 64 description: The ID of the Cloudflare Workers script to sync secrets to. required: - scriptId additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Cloudflare Workers Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Workers destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Workers destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Workers destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-workers destinationConfig: type: object properties: scriptId: type: string minLength: 1 maxLength: 64 description: The ID of the Cloudflare Workers script to sync secrets to. required: - scriptId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Workers required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteCloudflareWorkersSecretSync tags: - Secret Syncs description: Delete the specified Cloudflare Workers Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Cloudflare Workers Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Workers destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Workers destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Workers destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-workers destinationConfig: type: object properties: scriptId: type: string minLength: 1 maxLength: 64 description: The ID of the Cloudflare Workers script to sync secrets to. required: - scriptId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Workers required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/cloudflare-workers/sync-name/{syncName}: get: operationId: getCloudflareWorkersSecretSyncByName tags: - Secret Syncs description: Get the specified Cloudflare Workers Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Cloudflare Workers Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Cloudflare Workers Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Workers destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Workers destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Workers destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-workers destinationConfig: type: object properties: scriptId: type: string minLength: 1 maxLength: 64 description: The ID of the Cloudflare Workers script to sync secrets to. required: - scriptId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Workers required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/cloudflare-workers/{syncId}/sync-secrets: post: operationId: syncCloudflareWorkersSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Cloudflare Workers Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Cloudflare Workers Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Workers destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Workers destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Workers destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-workers destinationConfig: type: object properties: scriptId: type: string minLength: 1 maxLength: 64 description: The ID of the Cloudflare Workers script to sync secrets to. required: - scriptId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Workers required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/cloudflare-workers/{syncId}/import-secrets: post: operationId: importCloudflareWorkersSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Cloudflare Workers Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Cloudflare Workers. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Cloudflare Workers Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Workers destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Workers destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Workers destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-workers destinationConfig: type: object properties: scriptId: type: string minLength: 1 maxLength: 64 description: The ID of the Cloudflare Workers script to sync secrets to. required: - scriptId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Workers required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/cloudflare-workers/{syncId}/remove-secrets: post: operationId: removeCloudflareWorkersSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Cloudflare Workers Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Cloudflare Workers Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Cloudflare Workers destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Cloudflare Workers destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Cloudflare Workers destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - cloudflare name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - cloudflare-workers destinationConfig: type: object properties: scriptId: type: string minLength: 1 maxLength: 64 description: The ID of the Cloudflare Workers script to sync secrets to. required: - scriptId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Cloudflare Workers required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/supabase: get: operationId: listSupabaseSecretSyncs tags: - Secret Syncs description: List the Supabase Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Supabase Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Supabase destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Supabase destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Supabase destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - supabase destinationConfig: type: object properties: projectId: type: string maxLength: 255 minLength: 1 projectName: type: string maxLength: 255 minLength: 1 required: - projectId - projectName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Supabase required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createSupabaseSecretSync tags: - Secret Syncs description: Create a Supabase Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Supabase Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Supabase Sync. connectionId: type: string format: uuid description: The ID of the Supabase Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Supabase destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Supabase destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Supabase destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: projectId: type: string maxLength: 255 minLength: 1 projectName: type: string maxLength: 255 minLength: 1 required: - projectId - projectName additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Supabase destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Supabase destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Supabase destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - supabase destinationConfig: type: object properties: projectId: type: string maxLength: 255 minLength: 1 projectName: type: string maxLength: 255 minLength: 1 required: - projectId - projectName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Supabase required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/supabase/{syncId}: get: operationId: getSupabaseSecretSync tags: - Secret Syncs description: Get the specified Supabase Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Supabase Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Supabase destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Supabase destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Supabase destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - supabase destinationConfig: type: object properties: projectId: type: string maxLength: 255 minLength: 1 projectName: type: string maxLength: 255 minLength: 1 required: - projectId - projectName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Supabase required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateSupabaseSecretSync tags: - Secret Syncs description: Update the specified Supabase Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Supabase Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Supabase Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Supabase Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Supabase destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Supabase destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Supabase destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: projectId: type: string maxLength: 255 minLength: 1 projectName: type: string maxLength: 255 minLength: 1 required: - projectId - projectName additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Supabase Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Supabase destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Supabase destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Supabase destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - supabase destinationConfig: type: object properties: projectId: type: string maxLength: 255 minLength: 1 projectName: type: string maxLength: 255 minLength: 1 required: - projectId - projectName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Supabase required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteSupabaseSecretSync tags: - Secret Syncs description: Delete the specified Supabase Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Supabase Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Supabase destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Supabase destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Supabase destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - supabase destinationConfig: type: object properties: projectId: type: string maxLength: 255 minLength: 1 projectName: type: string maxLength: 255 minLength: 1 required: - projectId - projectName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Supabase required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/supabase/sync-name/{syncName}: get: operationId: getSupabaseSecretSyncByName tags: - Secret Syncs description: Get the specified Supabase Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Supabase Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Supabase Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Supabase destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Supabase destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Supabase destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - supabase destinationConfig: type: object properties: projectId: type: string maxLength: 255 minLength: 1 projectName: type: string maxLength: 255 minLength: 1 required: - projectId - projectName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Supabase required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/supabase/{syncId}/sync-secrets: post: operationId: syncSupabaseSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Supabase Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Supabase Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Supabase destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Supabase destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Supabase destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - supabase destinationConfig: type: object properties: projectId: type: string maxLength: 255 minLength: 1 projectName: type: string maxLength: 255 minLength: 1 required: - projectId - projectName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Supabase required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/supabase/{syncId}/import-secrets: post: operationId: importSupabaseSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Supabase Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Supabase. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Supabase Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Supabase destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Supabase destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Supabase destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - supabase destinationConfig: type: object properties: projectId: type: string maxLength: 255 minLength: 1 projectName: type: string maxLength: 255 minLength: 1 required: - projectId - projectName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Supabase required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/supabase/{syncId}/remove-secrets: post: operationId: removeSupabaseSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Supabase Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Supabase Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Supabase destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Supabase destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Supabase destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - supabase destinationConfig: type: object properties: projectId: type: string maxLength: 255 minLength: 1 projectName: type: string maxLength: 255 minLength: 1 required: - projectId - projectName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Supabase required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/zabbix: get: operationId: listZabbixSecretSyncs tags: - Secret Syncs description: List the Zabbix Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Zabbix Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Zabbix destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Zabbix destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Zabbix destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - zabbix name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - zabbix destinationConfig: anyOf: - type: object properties: scope: type: string enum: - host description: The Zabbix scope that secrets should be synced to. hostId: type: string minLength: 1 maxLength: 255 description: The ID of the Zabbix host to sync secrets to. hostName: type: string minLength: 1 maxLength: 255 description: The name of the Zabbix host to sync secrets to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - hostId - hostName - macroType additionalProperties: false - type: object properties: scope: type: string enum: - global description: The Zabbix scope that secrets should be synced to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - macroType additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Zabbix required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createZabbixSecretSync tags: - Secret Syncs description: Create a Zabbix Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Zabbix Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Zabbix Sync. connectionId: type: string format: uuid description: The ID of the Zabbix Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Zabbix destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Zabbix destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Zabbix destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: anyOf: - type: object properties: scope: type: string enum: - host description: The Zabbix scope that secrets should be synced to. hostId: type: string minLength: 1 maxLength: 255 description: The ID of the Zabbix host to sync secrets to. hostName: type: string minLength: 1 maxLength: 255 description: The name of the Zabbix host to sync secrets to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - hostId - hostName - macroType additionalProperties: false - type: object properties: scope: type: string enum: - global description: The Zabbix scope that secrets should be synced to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - macroType additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Zabbix destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Zabbix destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Zabbix destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - zabbix name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - zabbix destinationConfig: anyOf: - type: object properties: scope: type: string enum: - host description: The Zabbix scope that secrets should be synced to. hostId: type: string minLength: 1 maxLength: 255 description: The ID of the Zabbix host to sync secrets to. hostName: type: string minLength: 1 maxLength: 255 description: The name of the Zabbix host to sync secrets to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - hostId - hostName - macroType additionalProperties: false - type: object properties: scope: type: string enum: - global description: The Zabbix scope that secrets should be synced to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - macroType additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Zabbix required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/zabbix/{syncId}: get: operationId: getZabbixSecretSync tags: - Secret Syncs description: Get the specified Zabbix Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Zabbix Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Zabbix destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Zabbix destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Zabbix destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - zabbix name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - zabbix destinationConfig: anyOf: - type: object properties: scope: type: string enum: - host description: The Zabbix scope that secrets should be synced to. hostId: type: string minLength: 1 maxLength: 255 description: The ID of the Zabbix host to sync secrets to. hostName: type: string minLength: 1 maxLength: 255 description: The name of the Zabbix host to sync secrets to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - hostId - hostName - macroType additionalProperties: false - type: object properties: scope: type: string enum: - global description: The Zabbix scope that secrets should be synced to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - macroType additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Zabbix required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateZabbixSecretSync tags: - Secret Syncs description: Update the specified Zabbix Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Zabbix Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Zabbix Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Zabbix Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Zabbix destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Zabbix destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Zabbix destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: anyOf: - type: object properties: scope: type: string enum: - host description: The Zabbix scope that secrets should be synced to. hostId: type: string minLength: 1 maxLength: 255 description: The ID of the Zabbix host to sync secrets to. hostName: type: string minLength: 1 maxLength: 255 description: The name of the Zabbix host to sync secrets to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - hostId - hostName - macroType additionalProperties: false - type: object properties: scope: type: string enum: - global description: The Zabbix scope that secrets should be synced to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - macroType additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Zabbix Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Zabbix destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Zabbix destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Zabbix destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - zabbix name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - zabbix destinationConfig: anyOf: - type: object properties: scope: type: string enum: - host description: The Zabbix scope that secrets should be synced to. hostId: type: string minLength: 1 maxLength: 255 description: The ID of the Zabbix host to sync secrets to. hostName: type: string minLength: 1 maxLength: 255 description: The name of the Zabbix host to sync secrets to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - hostId - hostName - macroType additionalProperties: false - type: object properties: scope: type: string enum: - global description: The Zabbix scope that secrets should be synced to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - macroType additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Zabbix required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteZabbixSecretSync tags: - Secret Syncs description: Delete the specified Zabbix Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Zabbix Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Zabbix destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Zabbix destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Zabbix destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - zabbix name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - zabbix destinationConfig: anyOf: - type: object properties: scope: type: string enum: - host description: The Zabbix scope that secrets should be synced to. hostId: type: string minLength: 1 maxLength: 255 description: The ID of the Zabbix host to sync secrets to. hostName: type: string minLength: 1 maxLength: 255 description: The name of the Zabbix host to sync secrets to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - hostId - hostName - macroType additionalProperties: false - type: object properties: scope: type: string enum: - global description: The Zabbix scope that secrets should be synced to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - macroType additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Zabbix required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/zabbix/sync-name/{syncName}: get: operationId: getZabbixSecretSyncByName tags: - Secret Syncs description: Get the specified Zabbix Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Zabbix Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Zabbix Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Zabbix destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Zabbix destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Zabbix destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - zabbix name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - zabbix destinationConfig: anyOf: - type: object properties: scope: type: string enum: - host description: The Zabbix scope that secrets should be synced to. hostId: type: string minLength: 1 maxLength: 255 description: The ID of the Zabbix host to sync secrets to. hostName: type: string minLength: 1 maxLength: 255 description: The name of the Zabbix host to sync secrets to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - hostId - hostName - macroType additionalProperties: false - type: object properties: scope: type: string enum: - global description: The Zabbix scope that secrets should be synced to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - macroType additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Zabbix required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/zabbix/{syncId}/sync-secrets: post: operationId: syncZabbixSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Zabbix Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Zabbix Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Zabbix destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Zabbix destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Zabbix destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - zabbix name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - zabbix destinationConfig: anyOf: - type: object properties: scope: type: string enum: - host description: The Zabbix scope that secrets should be synced to. hostId: type: string minLength: 1 maxLength: 255 description: The ID of the Zabbix host to sync secrets to. hostName: type: string minLength: 1 maxLength: 255 description: The name of the Zabbix host to sync secrets to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - hostId - hostName - macroType additionalProperties: false - type: object properties: scope: type: string enum: - global description: The Zabbix scope that secrets should be synced to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - macroType additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Zabbix required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/zabbix/{syncId}/import-secrets: post: operationId: importZabbixSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Zabbix Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Zabbix. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Zabbix Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Zabbix destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Zabbix destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Zabbix destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - zabbix name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - zabbix destinationConfig: anyOf: - type: object properties: scope: type: string enum: - host description: The Zabbix scope that secrets should be synced to. hostId: type: string minLength: 1 maxLength: 255 description: The ID of the Zabbix host to sync secrets to. hostName: type: string minLength: 1 maxLength: 255 description: The name of the Zabbix host to sync secrets to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - hostId - hostName - macroType additionalProperties: false - type: object properties: scope: type: string enum: - global description: The Zabbix scope that secrets should be synced to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - macroType additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Zabbix required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/zabbix/{syncId}/remove-secrets: post: operationId: removeZabbixSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Zabbix Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Zabbix Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Zabbix destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Zabbix destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Zabbix destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - zabbix name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - zabbix destinationConfig: anyOf: - type: object properties: scope: type: string enum: - host description: The Zabbix scope that secrets should be synced to. hostId: type: string minLength: 1 maxLength: 255 description: The ID of the Zabbix host to sync secrets to. hostName: type: string minLength: 1 maxLength: 255 description: The name of the Zabbix host to sync secrets to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - hostId - hostName - macroType additionalProperties: false - type: object properties: scope: type: string enum: - global description: The Zabbix scope that secrets should be synced to. macroType: type: number minimum: 0 maximum: 1 description: 'The type of macro to sync secrets to. (0: Text, 1: Secret)' required: - scope - macroType additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Zabbix required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/railway: get: operationId: listRailwaySecretSyncs tags: - Secret Syncs description: List the Railway Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Railway Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Railway destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Railway destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Railway destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - railway name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - railway destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Railway project to sync secrets to. projectName: type: string description: The name of the Railway project to sync secrets to. environmentId: type: string minLength: 1 description: The Railway environment to sync secrets to. environmentName: type: string description: The Railway environment to sync secrets to. serviceId: type: string description: The Railway service that secrets should be synced to. serviceName: type: string description: The Railway service that secrets should be synced to. required: - projectId - projectName - environmentId - environmentName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Railway required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createRailwaySecretSync tags: - Secret Syncs description: Create a Railway Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Railway Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Railway Sync. connectionId: type: string format: uuid description: The ID of the Railway Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Railway destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Railway destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Railway destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Railway project to sync secrets to. projectName: type: string description: The name of the Railway project to sync secrets to. environmentId: type: string minLength: 1 description: The Railway environment to sync secrets to. environmentName: type: string description: The Railway environment to sync secrets to. serviceId: type: string description: The Railway service that secrets should be synced to. serviceName: type: string description: The Railway service that secrets should be synced to. required: - projectId - projectName - environmentId - environmentName additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Railway destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Railway destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Railway destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - railway name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - railway destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Railway project to sync secrets to. projectName: type: string description: The name of the Railway project to sync secrets to. environmentId: type: string minLength: 1 description: The Railway environment to sync secrets to. environmentName: type: string description: The Railway environment to sync secrets to. serviceId: type: string description: The Railway service that secrets should be synced to. serviceName: type: string description: The Railway service that secrets should be synced to. required: - projectId - projectName - environmentId - environmentName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Railway required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/railway/{syncId}: get: operationId: getRailwaySecretSync tags: - Secret Syncs description: Get the specified Railway Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Railway Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Railway destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Railway destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Railway destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - railway name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - railway destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Railway project to sync secrets to. projectName: type: string description: The name of the Railway project to sync secrets to. environmentId: type: string minLength: 1 description: The Railway environment to sync secrets to. environmentName: type: string description: The Railway environment to sync secrets to. serviceId: type: string description: The Railway service that secrets should be synced to. serviceName: type: string description: The Railway service that secrets should be synced to. required: - projectId - projectName - environmentId - environmentName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Railway required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateRailwaySecretSync tags: - Secret Syncs description: Update the specified Railway Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Railway Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Railway Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Railway Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Railway destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Railway destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Railway destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Railway project to sync secrets to. projectName: type: string description: The name of the Railway project to sync secrets to. environmentId: type: string minLength: 1 description: The Railway environment to sync secrets to. environmentName: type: string description: The Railway environment to sync secrets to. serviceId: type: string description: The Railway service that secrets should be synced to. serviceName: type: string description: The Railway service that secrets should be synced to. required: - projectId - projectName - environmentId - environmentName additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Railway Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Railway destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Railway destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Railway destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - railway name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - railway destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Railway project to sync secrets to. projectName: type: string description: The name of the Railway project to sync secrets to. environmentId: type: string minLength: 1 description: The Railway environment to sync secrets to. environmentName: type: string description: The Railway environment to sync secrets to. serviceId: type: string description: The Railway service that secrets should be synced to. serviceName: type: string description: The Railway service that secrets should be synced to. required: - projectId - projectName - environmentId - environmentName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Railway required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteRailwaySecretSync tags: - Secret Syncs description: Delete the specified Railway Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Railway Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Railway destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Railway destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Railway destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - railway name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - railway destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Railway project to sync secrets to. projectName: type: string description: The name of the Railway project to sync secrets to. environmentId: type: string minLength: 1 description: The Railway environment to sync secrets to. environmentName: type: string description: The Railway environment to sync secrets to. serviceId: type: string description: The Railway service that secrets should be synced to. serviceName: type: string description: The Railway service that secrets should be synced to. required: - projectId - projectName - environmentId - environmentName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Railway required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/railway/sync-name/{syncName}: get: operationId: getRailwaySecretSyncByName tags: - Secret Syncs description: Get the specified Railway Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Railway Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Railway Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Railway destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Railway destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Railway destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - railway name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - railway destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Railway project to sync secrets to. projectName: type: string description: The name of the Railway project to sync secrets to. environmentId: type: string minLength: 1 description: The Railway environment to sync secrets to. environmentName: type: string description: The Railway environment to sync secrets to. serviceId: type: string description: The Railway service that secrets should be synced to. serviceName: type: string description: The Railway service that secrets should be synced to. required: - projectId - projectName - environmentId - environmentName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Railway required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/railway/{syncId}/sync-secrets: post: operationId: syncRailwaySecretSync tags: - Secret Syncs description: Trigger a sync for the specified Railway Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Railway Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Railway destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Railway destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Railway destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - railway name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - railway destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Railway project to sync secrets to. projectName: type: string description: The name of the Railway project to sync secrets to. environmentId: type: string minLength: 1 description: The Railway environment to sync secrets to. environmentName: type: string description: The Railway environment to sync secrets to. serviceId: type: string description: The Railway service that secrets should be synced to. serviceName: type: string description: The Railway service that secrets should be synced to. required: - projectId - projectName - environmentId - environmentName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Railway required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/railway/{syncId}/import-secrets: post: operationId: importRailwaySecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Railway Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Railway. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Railway Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Railway destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Railway destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Railway destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - railway name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - railway destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Railway project to sync secrets to. projectName: type: string description: The name of the Railway project to sync secrets to. environmentId: type: string minLength: 1 description: The Railway environment to sync secrets to. environmentName: type: string description: The Railway environment to sync secrets to. serviceId: type: string description: The Railway service that secrets should be synced to. serviceName: type: string description: The Railway service that secrets should be synced to. required: - projectId - projectName - environmentId - environmentName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Railway required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/railway/{syncId}/remove-secrets: post: operationId: removeRailwaySecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Railway Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Railway Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Railway destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Railway destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Railway destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - railway name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - railway destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Railway project to sync secrets to. projectName: type: string description: The name of the Railway project to sync secrets to. environmentId: type: string minLength: 1 description: The Railway environment to sync secrets to. environmentName: type: string description: The Railway environment to sync secrets to. serviceId: type: string description: The Railway service that secrets should be synced to. serviceName: type: string description: The Railway service that secrets should be synced to. required: - projectId - projectName - environmentId - environmentName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Railway required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/checkly: get: operationId: listChecklySecretSyncs tags: - Secret Syncs description: List the Checkly Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Checkly Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Checkly destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Checkly destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Checkly destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - checkly name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - checkly destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 accountName: type: string minLength: 1 maxLength: 255 groupId: type: string minLength: 1 maxLength: 255 groupName: type: string minLength: 1 maxLength: 255 required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Checkly required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createChecklySecretSync tags: - Secret Syncs description: Create a Checkly Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Checkly Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Checkly Sync. connectionId: type: string format: uuid description: The ID of the Checkly Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Checkly destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Checkly destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Checkly destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 accountName: type: string minLength: 1 maxLength: 255 groupId: type: string minLength: 1 maxLength: 255 groupName: type: string minLength: 1 maxLength: 255 required: - accountId additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Checkly destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Checkly destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Checkly destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - checkly name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - checkly destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 accountName: type: string minLength: 1 maxLength: 255 groupId: type: string minLength: 1 maxLength: 255 groupName: type: string minLength: 1 maxLength: 255 required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Checkly required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/checkly/{syncId}: get: operationId: getChecklySecretSync tags: - Secret Syncs description: Get the specified Checkly Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Checkly Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Checkly destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Checkly destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Checkly destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - checkly name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - checkly destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 accountName: type: string minLength: 1 maxLength: 255 groupId: type: string minLength: 1 maxLength: 255 groupName: type: string minLength: 1 maxLength: 255 required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Checkly required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateChecklySecretSync tags: - Secret Syncs description: Update the specified Checkly Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Checkly Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Checkly Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Checkly Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Checkly destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Checkly destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Checkly destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 accountName: type: string minLength: 1 maxLength: 255 groupId: type: string minLength: 1 maxLength: 255 groupName: type: string minLength: 1 maxLength: 255 required: - accountId additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Checkly Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Checkly destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Checkly destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Checkly destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - checkly name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - checkly destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 accountName: type: string minLength: 1 maxLength: 255 groupId: type: string minLength: 1 maxLength: 255 groupName: type: string minLength: 1 maxLength: 255 required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Checkly required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteChecklySecretSync tags: - Secret Syncs description: Delete the specified Checkly Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Checkly Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Checkly destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Checkly destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Checkly destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - checkly name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - checkly destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 accountName: type: string minLength: 1 maxLength: 255 groupId: type: string minLength: 1 maxLength: 255 groupName: type: string minLength: 1 maxLength: 255 required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Checkly required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/checkly/sync-name/{syncName}: get: operationId: getChecklySecretSyncByName tags: - Secret Syncs description: Get the specified Checkly Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Checkly Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Checkly Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Checkly destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Checkly destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Checkly destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - checkly name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - checkly destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 accountName: type: string minLength: 1 maxLength: 255 groupId: type: string minLength: 1 maxLength: 255 groupName: type: string minLength: 1 maxLength: 255 required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Checkly required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/checkly/{syncId}/sync-secrets: post: operationId: syncChecklySecretSync tags: - Secret Syncs description: Trigger a sync for the specified Checkly Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Checkly Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Checkly destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Checkly destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Checkly destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - checkly name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - checkly destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 accountName: type: string minLength: 1 maxLength: 255 groupId: type: string minLength: 1 maxLength: 255 groupName: type: string minLength: 1 maxLength: 255 required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Checkly required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/checkly/{syncId}/import-secrets: post: operationId: importChecklySecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Checkly Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Checkly. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Checkly Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Checkly destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Checkly destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Checkly destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - checkly name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - checkly destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 accountName: type: string minLength: 1 maxLength: 255 groupId: type: string minLength: 1 maxLength: 255 groupName: type: string minLength: 1 maxLength: 255 required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Checkly required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/checkly/{syncId}/remove-secrets: post: operationId: removeChecklySecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Checkly Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Checkly Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Checkly destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Checkly destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Checkly destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - checkly name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - checkly destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 accountName: type: string minLength: 1 maxLength: 255 groupId: type: string minLength: 1 maxLength: 255 groupName: type: string minLength: 1 maxLength: 255 required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Checkly required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/digital-ocean-app-platform: get: operationId: listDigitalOceanAppPlatformSecretSyncs tags: - Secret Syncs description: List the Digital Ocean App Platform Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Digital Ocean App Platform Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Digital Ocean App Platform destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Digital Ocean App Platform destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Digital Ocean App Platform destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - digital-ocean name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - digital-ocean-app-platform destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 appName: type: string minLength: 1 maxLength: 255 required: - appId - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Digital Ocean App Platform required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createDigitalOceanAppPlatformSecretSync tags: - Secret Syncs description: Create a Digital Ocean App Platform Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Digital Ocean App Platform Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Digital Ocean App Platform Sync. connectionId: type: string format: uuid description: The ID of the DigitalOcean App Platform Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Digital Ocean App Platform destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Digital Ocean App Platform destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Digital Ocean App Platform destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 appName: type: string minLength: 1 maxLength: 255 required: - appId - appName additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Digital Ocean App Platform destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Digital Ocean App Platform destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Digital Ocean App Platform destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - digital-ocean name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - digital-ocean-app-platform destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 appName: type: string minLength: 1 maxLength: 255 required: - appId - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Digital Ocean App Platform required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/digital-ocean-app-platform/{syncId}: get: operationId: getDigitalOceanAppPlatformSecretSync tags: - Secret Syncs description: Get the specified Digital Ocean App Platform Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Digital Ocean App Platform Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Digital Ocean App Platform destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Digital Ocean App Platform destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Digital Ocean App Platform destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - digital-ocean name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - digital-ocean-app-platform destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 appName: type: string minLength: 1 maxLength: 255 required: - appId - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Digital Ocean App Platform required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateDigitalOceanAppPlatformSecretSync tags: - Secret Syncs description: Update the specified Digital Ocean App Platform Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Digital Ocean App Platform Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the DigitalOcean App Platform Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Digital Ocean App Platform Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Digital Ocean App Platform destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Digital Ocean App Platform destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Digital Ocean App Platform destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 appName: type: string minLength: 1 maxLength: 255 required: - appId - appName additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Digital Ocean App Platform Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Digital Ocean App Platform destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Digital Ocean App Platform destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Digital Ocean App Platform destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - digital-ocean name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - digital-ocean-app-platform destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 appName: type: string minLength: 1 maxLength: 255 required: - appId - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Digital Ocean App Platform required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteDigitalOceanAppPlatformSecretSync tags: - Secret Syncs description: Delete the specified Digital Ocean App Platform Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Digital Ocean App Platform Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Digital Ocean App Platform destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Digital Ocean App Platform destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Digital Ocean App Platform destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - digital-ocean name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - digital-ocean-app-platform destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 appName: type: string minLength: 1 maxLength: 255 required: - appId - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Digital Ocean App Platform required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/digital-ocean-app-platform/sync-name/{syncName}: get: operationId: getDigitalOceanAppPlatformSecretSyncByName tags: - Secret Syncs description: Get the specified Digital Ocean App Platform Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Digital Ocean App Platform Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Digital Ocean App Platform Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Digital Ocean App Platform destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Digital Ocean App Platform destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Digital Ocean App Platform destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - digital-ocean name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - digital-ocean-app-platform destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 appName: type: string minLength: 1 maxLength: 255 required: - appId - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Digital Ocean App Platform required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/digital-ocean-app-platform/{syncId}/sync-secrets: post: operationId: syncDigitalOceanAppPlatformSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Digital Ocean App Platform Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Digital Ocean App Platform Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Digital Ocean App Platform destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Digital Ocean App Platform destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Digital Ocean App Platform destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - digital-ocean name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - digital-ocean-app-platform destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 appName: type: string minLength: 1 maxLength: 255 required: - appId - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Digital Ocean App Platform required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/digital-ocean-app-platform/{syncId}/import-secrets: post: operationId: importDigitalOceanAppPlatformSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Digital Ocean App Platform Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Digital Ocean App Platform. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Digital Ocean App Platform Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Digital Ocean App Platform destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Digital Ocean App Platform destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Digital Ocean App Platform destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - digital-ocean name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - digital-ocean-app-platform destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 appName: type: string minLength: 1 maxLength: 255 required: - appId - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Digital Ocean App Platform required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/digital-ocean-app-platform/{syncId}/remove-secrets: post: operationId: removeDigitalOceanAppPlatformSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Digital Ocean App Platform Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Digital Ocean App Platform Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Digital Ocean App Platform destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Digital Ocean App Platform destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Digital Ocean App Platform destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - digital-ocean name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - digital-ocean-app-platform destinationConfig: type: object properties: appId: type: string minLength: 1 maxLength: 255 appName: type: string minLength: 1 maxLength: 255 required: - appId - appName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Digital Ocean App Platform required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/netlify: get: operationId: listNetlifySecretSyncs tags: - Secret Syncs description: List the Netlify Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Netlify Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Netlify destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Netlify destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Netlify destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - netlify name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - netlify destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify account to sync secrets to. accountName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify account to sync secrets to. siteId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify site to sync secrets to. siteName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify site to sync secrets to. context: type: string enum: - all - deploy-preview - production - branch-deploy - dev - branch description: The Netlify context to sync secrets to. required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Netlify required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createNetlifySecretSync tags: - Secret Syncs description: Create a Netlify Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Netlify Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Netlify Sync. connectionId: type: string format: uuid description: The ID of the Netlify Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Netlify destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Netlify destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Netlify destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify account to sync secrets to. accountName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify account to sync secrets to. siteId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify site to sync secrets to. siteName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify site to sync secrets to. context: type: string enum: - all - deploy-preview - production - branch-deploy - dev - branch description: The Netlify context to sync secrets to. required: - accountId additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Netlify destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Netlify destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Netlify destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - netlify name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - netlify destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify account to sync secrets to. accountName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify account to sync secrets to. siteId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify site to sync secrets to. siteName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify site to sync secrets to. context: type: string enum: - all - deploy-preview - production - branch-deploy - dev - branch description: The Netlify context to sync secrets to. required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Netlify required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/netlify/{syncId}: get: operationId: getNetlifySecretSync tags: - Secret Syncs description: Get the specified Netlify Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Netlify Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Netlify destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Netlify destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Netlify destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - netlify name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - netlify destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify account to sync secrets to. accountName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify account to sync secrets to. siteId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify site to sync secrets to. siteName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify site to sync secrets to. context: type: string enum: - all - deploy-preview - production - branch-deploy - dev - branch description: The Netlify context to sync secrets to. required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Netlify required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateNetlifySecretSync tags: - Secret Syncs description: Update the specified Netlify Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Netlify Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Netlify Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Netlify Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Netlify destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Netlify destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Netlify destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify account to sync secrets to. accountName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify account to sync secrets to. siteId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify site to sync secrets to. siteName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify site to sync secrets to. context: type: string enum: - all - deploy-preview - production - branch-deploy - dev - branch description: The Netlify context to sync secrets to. required: - accountId additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Netlify Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Netlify destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Netlify destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Netlify destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - netlify name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - netlify destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify account to sync secrets to. accountName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify account to sync secrets to. siteId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify site to sync secrets to. siteName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify site to sync secrets to. context: type: string enum: - all - deploy-preview - production - branch-deploy - dev - branch description: The Netlify context to sync secrets to. required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Netlify required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteNetlifySecretSync tags: - Secret Syncs description: Delete the specified Netlify Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Netlify Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Netlify destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Netlify destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Netlify destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - netlify name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - netlify destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify account to sync secrets to. accountName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify account to sync secrets to. siteId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify site to sync secrets to. siteName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify site to sync secrets to. context: type: string enum: - all - deploy-preview - production - branch-deploy - dev - branch description: The Netlify context to sync secrets to. required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Netlify required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/netlify/sync-name/{syncName}: get: operationId: getNetlifySecretSyncByName tags: - Secret Syncs description: Get the specified Netlify Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Netlify Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Netlify Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Netlify destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Netlify destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Netlify destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - netlify name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - netlify destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify account to sync secrets to. accountName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify account to sync secrets to. siteId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify site to sync secrets to. siteName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify site to sync secrets to. context: type: string enum: - all - deploy-preview - production - branch-deploy - dev - branch description: The Netlify context to sync secrets to. required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Netlify required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/netlify/{syncId}/sync-secrets: post: operationId: syncNetlifySecretSync tags: - Secret Syncs description: Trigger a sync for the specified Netlify Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Netlify Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Netlify destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Netlify destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Netlify destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - netlify name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - netlify destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify account to sync secrets to. accountName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify account to sync secrets to. siteId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify site to sync secrets to. siteName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify site to sync secrets to. context: type: string enum: - all - deploy-preview - production - branch-deploy - dev - branch description: The Netlify context to sync secrets to. required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Netlify required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/netlify/{syncId}/import-secrets: post: operationId: importNetlifySecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Netlify Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Netlify. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Netlify Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Netlify destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Netlify destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Netlify destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - netlify name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - netlify destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify account to sync secrets to. accountName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify account to sync secrets to. siteId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify site to sync secrets to. siteName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify site to sync secrets to. context: type: string enum: - all - deploy-preview - production - branch-deploy - dev - branch description: The Netlify context to sync secrets to. required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Netlify required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/netlify/{syncId}/remove-secrets: post: operationId: removeNetlifySecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Netlify Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Netlify Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Netlify destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Netlify destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Netlify destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - netlify name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - netlify destinationConfig: type: object properties: accountId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify account to sync secrets to. accountName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify account to sync secrets to. siteId: type: string minLength: 1 maxLength: 255 description: The ID of the Netlify site to sync secrets to. siteName: type: string minLength: 1 maxLength: 255 description: The name of the Netlify site to sync secrets to. context: type: string enum: - all - deploy-preview - production - branch-deploy - dev - branch description: The Netlify context to sync secrets to. required: - accountId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Netlify required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/northflank: get: operationId: listNorthflankSecretSyncs tags: - Secret Syncs description: List the Northflank Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Northflank Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Northflank destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Northflank destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Northflank destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - northflank name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - northflank destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Northflank project to sync secrets to. projectName: type: string description: The name of the Northflank project to sync secrets to. secretGroupId: type: string minLength: 1 description: The ID of the Northflank secret group to sync secrets to. secretGroupName: type: string description: The name of the Northflank secret group to sync secrets to. required: - projectId - secretGroupId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Northflank required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createNorthflankSecretSync tags: - Secret Syncs description: Create a Northflank Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Northflank Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Northflank Sync. connectionId: type: string format: uuid description: The ID of the Northflank Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Northflank destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Northflank destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Northflank destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Northflank project to sync secrets to. projectName: type: string description: The name of the Northflank project to sync secrets to. secretGroupId: type: string minLength: 1 description: The ID of the Northflank secret group to sync secrets to. secretGroupName: type: string description: The name of the Northflank secret group to sync secrets to. required: - projectId - secretGroupId additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Northflank destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Northflank destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Northflank destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - northflank name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - northflank destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Northflank project to sync secrets to. projectName: type: string description: The name of the Northflank project to sync secrets to. secretGroupId: type: string minLength: 1 description: The ID of the Northflank secret group to sync secrets to. secretGroupName: type: string description: The name of the Northflank secret group to sync secrets to. required: - projectId - secretGroupId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Northflank required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/northflank/{syncId}: get: operationId: getNorthflankSecretSync tags: - Secret Syncs description: Get the specified Northflank Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Northflank Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Northflank destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Northflank destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Northflank destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - northflank name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - northflank destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Northflank project to sync secrets to. projectName: type: string description: The name of the Northflank project to sync secrets to. secretGroupId: type: string minLength: 1 description: The ID of the Northflank secret group to sync secrets to. secretGroupName: type: string description: The name of the Northflank secret group to sync secrets to. required: - projectId - secretGroupId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Northflank required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateNorthflankSecretSync tags: - Secret Syncs description: Update the specified Northflank Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Northflank Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Northflank Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Northflank Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Northflank destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Northflank destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Northflank destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Northflank project to sync secrets to. projectName: type: string description: The name of the Northflank project to sync secrets to. secretGroupId: type: string minLength: 1 description: The ID of the Northflank secret group to sync secrets to. secretGroupName: type: string description: The name of the Northflank secret group to sync secrets to. required: - projectId - secretGroupId additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Northflank Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Northflank destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Northflank destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Northflank destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - northflank name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - northflank destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Northflank project to sync secrets to. projectName: type: string description: The name of the Northflank project to sync secrets to. secretGroupId: type: string minLength: 1 description: The ID of the Northflank secret group to sync secrets to. secretGroupName: type: string description: The name of the Northflank secret group to sync secrets to. required: - projectId - secretGroupId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Northflank required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteNorthflankSecretSync tags: - Secret Syncs description: Delete the specified Northflank Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Northflank Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Northflank destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Northflank destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Northflank destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - northflank name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - northflank destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Northflank project to sync secrets to. projectName: type: string description: The name of the Northflank project to sync secrets to. secretGroupId: type: string minLength: 1 description: The ID of the Northflank secret group to sync secrets to. secretGroupName: type: string description: The name of the Northflank secret group to sync secrets to. required: - projectId - secretGroupId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Northflank required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/northflank/sync-name/{syncName}: get: operationId: getNorthflankSecretSyncByName tags: - Secret Syncs description: Get the specified Northflank Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Northflank Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Northflank Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Northflank destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Northflank destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Northflank destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - northflank name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - northflank destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Northflank project to sync secrets to. projectName: type: string description: The name of the Northflank project to sync secrets to. secretGroupId: type: string minLength: 1 description: The ID of the Northflank secret group to sync secrets to. secretGroupName: type: string description: The name of the Northflank secret group to sync secrets to. required: - projectId - secretGroupId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Northflank required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/northflank/{syncId}/sync-secrets: post: operationId: syncNorthflankSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Northflank Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Northflank Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Northflank destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Northflank destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Northflank destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - northflank name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - northflank destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Northflank project to sync secrets to. projectName: type: string description: The name of the Northflank project to sync secrets to. secretGroupId: type: string minLength: 1 description: The ID of the Northflank secret group to sync secrets to. secretGroupName: type: string description: The name of the Northflank secret group to sync secrets to. required: - projectId - secretGroupId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Northflank required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/northflank/{syncId}/import-secrets: post: operationId: importNorthflankSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Northflank Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Northflank. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Northflank Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Northflank destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Northflank destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Northflank destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - northflank name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - northflank destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Northflank project to sync secrets to. projectName: type: string description: The name of the Northflank project to sync secrets to. secretGroupId: type: string minLength: 1 description: The ID of the Northflank secret group to sync secrets to. secretGroupName: type: string description: The name of the Northflank secret group to sync secrets to. required: - projectId - secretGroupId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Northflank required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/northflank/{syncId}/remove-secrets: post: operationId: removeNorthflankSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Northflank Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Northflank Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Northflank destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Northflank destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Northflank destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - northflank name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - northflank destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the Northflank project to sync secrets to. projectName: type: string description: The name of the Northflank project to sync secrets to. secretGroupId: type: string minLength: 1 description: The ID of the Northflank secret group to sync secrets to. secretGroupName: type: string description: The name of the Northflank secret group to sync secrets to. required: - projectId - secretGroupId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Northflank required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/bitbucket: get: operationId: listBitbucketSecretSyncs tags: - Secret Syncs description: List the Bitbucket Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Bitbucket Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Bitbucket destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Bitbucket destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Bitbucket destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - bitbucket destinationConfig: type: object properties: repositorySlug: type: string description: The Bitbucket Repository slug to sync secrets to. environmentId: type: string description: The Bitbucket Deployment Environment uuid to sync secrets to. workspaceSlug: type: string description: The Bitbucket Workspace slug to sync secrets to. required: - repositorySlug - workspaceSlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Bitbucket required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createBitbucketSecretSync tags: - Secret Syncs description: Create a Bitbucket Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Bitbucket Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Bitbucket Sync. connectionId: type: string format: uuid description: The ID of the Bitbucket Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Bitbucket destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Bitbucket destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Bitbucket destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: repositorySlug: type: string description: The Bitbucket Repository slug to sync secrets to. environmentId: type: string description: The Bitbucket Deployment Environment uuid to sync secrets to. workspaceSlug: type: string description: The Bitbucket Workspace slug to sync secrets to. required: - repositorySlug - workspaceSlug additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Bitbucket destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Bitbucket destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Bitbucket destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - bitbucket destinationConfig: type: object properties: repositorySlug: type: string description: The Bitbucket Repository slug to sync secrets to. environmentId: type: string description: The Bitbucket Deployment Environment uuid to sync secrets to. workspaceSlug: type: string description: The Bitbucket Workspace slug to sync secrets to. required: - repositorySlug - workspaceSlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Bitbucket required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/bitbucket/{syncId}: get: operationId: getBitbucketSecretSync tags: - Secret Syncs description: Get the specified Bitbucket Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Bitbucket Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Bitbucket destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Bitbucket destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Bitbucket destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - bitbucket destinationConfig: type: object properties: repositorySlug: type: string description: The Bitbucket Repository slug to sync secrets to. environmentId: type: string description: The Bitbucket Deployment Environment uuid to sync secrets to. workspaceSlug: type: string description: The Bitbucket Workspace slug to sync secrets to. required: - repositorySlug - workspaceSlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Bitbucket required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateBitbucketSecretSync tags: - Secret Syncs description: Update the specified Bitbucket Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Bitbucket Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Bitbucket Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Bitbucket Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Bitbucket destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Bitbucket destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Bitbucket destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: repositorySlug: type: string description: The Bitbucket Repository slug to sync secrets to. environmentId: type: string description: The Bitbucket Deployment Environment uuid to sync secrets to. workspaceSlug: type: string description: The Bitbucket Workspace slug to sync secrets to. required: - repositorySlug - workspaceSlug additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Bitbucket Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Bitbucket destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Bitbucket destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Bitbucket destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - bitbucket destinationConfig: type: object properties: repositorySlug: type: string description: The Bitbucket Repository slug to sync secrets to. environmentId: type: string description: The Bitbucket Deployment Environment uuid to sync secrets to. workspaceSlug: type: string description: The Bitbucket Workspace slug to sync secrets to. required: - repositorySlug - workspaceSlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Bitbucket required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteBitbucketSecretSync tags: - Secret Syncs description: Delete the specified Bitbucket Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Bitbucket Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Bitbucket destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Bitbucket destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Bitbucket destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - bitbucket destinationConfig: type: object properties: repositorySlug: type: string description: The Bitbucket Repository slug to sync secrets to. environmentId: type: string description: The Bitbucket Deployment Environment uuid to sync secrets to. workspaceSlug: type: string description: The Bitbucket Workspace slug to sync secrets to. required: - repositorySlug - workspaceSlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Bitbucket required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/bitbucket/sync-name/{syncName}: get: operationId: getBitbucketSecretSyncByName tags: - Secret Syncs description: Get the specified Bitbucket Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Bitbucket Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Bitbucket Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Bitbucket destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Bitbucket destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Bitbucket destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - bitbucket destinationConfig: type: object properties: repositorySlug: type: string description: The Bitbucket Repository slug to sync secrets to. environmentId: type: string description: The Bitbucket Deployment Environment uuid to sync secrets to. workspaceSlug: type: string description: The Bitbucket Workspace slug to sync secrets to. required: - repositorySlug - workspaceSlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Bitbucket required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/bitbucket/{syncId}/sync-secrets: post: operationId: syncBitbucketSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Bitbucket Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Bitbucket Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Bitbucket destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Bitbucket destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Bitbucket destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - bitbucket destinationConfig: type: object properties: repositorySlug: type: string description: The Bitbucket Repository slug to sync secrets to. environmentId: type: string description: The Bitbucket Deployment Environment uuid to sync secrets to. workspaceSlug: type: string description: The Bitbucket Workspace slug to sync secrets to. required: - repositorySlug - workspaceSlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Bitbucket required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/bitbucket/{syncId}/import-secrets: post: operationId: importBitbucketSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Bitbucket Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Bitbucket. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Bitbucket Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Bitbucket destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Bitbucket destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Bitbucket destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - bitbucket destinationConfig: type: object properties: repositorySlug: type: string description: The Bitbucket Repository slug to sync secrets to. environmentId: type: string description: The Bitbucket Deployment Environment uuid to sync secrets to. workspaceSlug: type: string description: The Bitbucket Workspace slug to sync secrets to. required: - repositorySlug - workspaceSlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Bitbucket required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/bitbucket/{syncId}/remove-secrets: post: operationId: removeBitbucketSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Bitbucket Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Bitbucket Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Bitbucket destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Bitbucket destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Bitbucket destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - bitbucket destinationConfig: type: object properties: repositorySlug: type: string description: The Bitbucket Repository slug to sync secrets to. environmentId: type: string description: The Bitbucket Deployment Environment uuid to sync secrets to. workspaceSlug: type: string description: The Bitbucket Workspace slug to sync secrets to. required: - repositorySlug - workspaceSlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Bitbucket required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/laravel-forge: get: operationId: listLaravelForgeSecretSyncs tags: - Secret Syncs description: List the Laravel Forge Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Laravel Forge Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Laravel Forge destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Laravel Forge destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Laravel Forge destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - laravel-forge name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - laravel-forge destinationConfig: type: object properties: orgSlug: type: string minLength: 1 maxLength: 512 description: The slug of the Laravel Forge org to sync secrets to. orgName: type: string description: The name of the Laravel Forge org to sync secrets to. serverId: type: string minLength: 1 description: The ID of the Laravel Forge server to sync secrets to. serverName: type: string description: The name of the Laravel Forge server to sync secrets to. siteId: type: string minLength: 1 description: The ID of the Laravel Forge site to sync secrets to. siteName: type: string description: The name of the Laravel Forge site to sync secrets to. required: - orgSlug - serverId - siteId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Laravel Forge required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createLaravelForgeSecretSync tags: - Secret Syncs description: Create a Laravel Forge Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Laravel Forge Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Laravel Forge Sync. connectionId: type: string format: uuid description: The ID of the Laravel Forge Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Laravel Forge destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Laravel Forge destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Laravel Forge destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: orgSlug: type: string minLength: 1 maxLength: 512 description: The slug of the Laravel Forge org to sync secrets to. orgName: type: string description: The name of the Laravel Forge org to sync secrets to. serverId: type: string minLength: 1 description: The ID of the Laravel Forge server to sync secrets to. serverName: type: string description: The name of the Laravel Forge server to sync secrets to. siteId: type: string minLength: 1 description: The ID of the Laravel Forge site to sync secrets to. siteName: type: string description: The name of the Laravel Forge site to sync secrets to. required: - orgSlug - serverId - siteId additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Laravel Forge destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Laravel Forge destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Laravel Forge destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - laravel-forge name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - laravel-forge destinationConfig: type: object properties: orgSlug: type: string minLength: 1 maxLength: 512 description: The slug of the Laravel Forge org to sync secrets to. orgName: type: string description: The name of the Laravel Forge org to sync secrets to. serverId: type: string minLength: 1 description: The ID of the Laravel Forge server to sync secrets to. serverName: type: string description: The name of the Laravel Forge server to sync secrets to. siteId: type: string minLength: 1 description: The ID of the Laravel Forge site to sync secrets to. siteName: type: string description: The name of the Laravel Forge site to sync secrets to. required: - orgSlug - serverId - siteId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Laravel Forge required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/laravel-forge/{syncId}: get: operationId: getLaravelForgeSecretSync tags: - Secret Syncs description: Get the specified Laravel Forge Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Laravel Forge Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Laravel Forge destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Laravel Forge destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Laravel Forge destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - laravel-forge name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - laravel-forge destinationConfig: type: object properties: orgSlug: type: string minLength: 1 maxLength: 512 description: The slug of the Laravel Forge org to sync secrets to. orgName: type: string description: The name of the Laravel Forge org to sync secrets to. serverId: type: string minLength: 1 description: The ID of the Laravel Forge server to sync secrets to. serverName: type: string description: The name of the Laravel Forge server to sync secrets to. siteId: type: string minLength: 1 description: The ID of the Laravel Forge site to sync secrets to. siteName: type: string description: The name of the Laravel Forge site to sync secrets to. required: - orgSlug - serverId - siteId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Laravel Forge required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateLaravelForgeSecretSync tags: - Secret Syncs description: Update the specified Laravel Forge Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Laravel Forge Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Laravel Forge Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Laravel Forge Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Laravel Forge destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Laravel Forge destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Laravel Forge destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: orgSlug: type: string minLength: 1 maxLength: 512 description: The slug of the Laravel Forge org to sync secrets to. orgName: type: string description: The name of the Laravel Forge org to sync secrets to. serverId: type: string minLength: 1 description: The ID of the Laravel Forge server to sync secrets to. serverName: type: string description: The name of the Laravel Forge server to sync secrets to. siteId: type: string minLength: 1 description: The ID of the Laravel Forge site to sync secrets to. siteName: type: string description: The name of the Laravel Forge site to sync secrets to. required: - orgSlug - serverId - siteId additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Laravel Forge Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Laravel Forge destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Laravel Forge destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Laravel Forge destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - laravel-forge name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - laravel-forge destinationConfig: type: object properties: orgSlug: type: string minLength: 1 maxLength: 512 description: The slug of the Laravel Forge org to sync secrets to. orgName: type: string description: The name of the Laravel Forge org to sync secrets to. serverId: type: string minLength: 1 description: The ID of the Laravel Forge server to sync secrets to. serverName: type: string description: The name of the Laravel Forge server to sync secrets to. siteId: type: string minLength: 1 description: The ID of the Laravel Forge site to sync secrets to. siteName: type: string description: The name of the Laravel Forge site to sync secrets to. required: - orgSlug - serverId - siteId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Laravel Forge required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteLaravelForgeSecretSync tags: - Secret Syncs description: Delete the specified Laravel Forge Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Laravel Forge Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Laravel Forge destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Laravel Forge destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Laravel Forge destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - laravel-forge name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - laravel-forge destinationConfig: type: object properties: orgSlug: type: string minLength: 1 maxLength: 512 description: The slug of the Laravel Forge org to sync secrets to. orgName: type: string description: The name of the Laravel Forge org to sync secrets to. serverId: type: string minLength: 1 description: The ID of the Laravel Forge server to sync secrets to. serverName: type: string description: The name of the Laravel Forge server to sync secrets to. siteId: type: string minLength: 1 description: The ID of the Laravel Forge site to sync secrets to. siteName: type: string description: The name of the Laravel Forge site to sync secrets to. required: - orgSlug - serverId - siteId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Laravel Forge required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/laravel-forge/sync-name/{syncName}: get: operationId: getLaravelForgeSecretSyncByName tags: - Secret Syncs description: Get the specified Laravel Forge Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Laravel Forge Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Laravel Forge Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Laravel Forge destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Laravel Forge destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Laravel Forge destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - laravel-forge name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - laravel-forge destinationConfig: type: object properties: orgSlug: type: string minLength: 1 maxLength: 512 description: The slug of the Laravel Forge org to sync secrets to. orgName: type: string description: The name of the Laravel Forge org to sync secrets to. serverId: type: string minLength: 1 description: The ID of the Laravel Forge server to sync secrets to. serverName: type: string description: The name of the Laravel Forge server to sync secrets to. siteId: type: string minLength: 1 description: The ID of the Laravel Forge site to sync secrets to. siteName: type: string description: The name of the Laravel Forge site to sync secrets to. required: - orgSlug - serverId - siteId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Laravel Forge required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/laravel-forge/{syncId}/sync-secrets: post: operationId: syncLaravelForgeSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Laravel Forge Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Laravel Forge Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Laravel Forge destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Laravel Forge destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Laravel Forge destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - laravel-forge name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - laravel-forge destinationConfig: type: object properties: orgSlug: type: string minLength: 1 maxLength: 512 description: The slug of the Laravel Forge org to sync secrets to. orgName: type: string description: The name of the Laravel Forge org to sync secrets to. serverId: type: string minLength: 1 description: The ID of the Laravel Forge server to sync secrets to. serverName: type: string description: The name of the Laravel Forge server to sync secrets to. siteId: type: string minLength: 1 description: The ID of the Laravel Forge site to sync secrets to. siteName: type: string description: The name of the Laravel Forge site to sync secrets to. required: - orgSlug - serverId - siteId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Laravel Forge required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/laravel-forge/{syncId}/import-secrets: post: operationId: importLaravelForgeSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Laravel Forge Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Laravel Forge. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Laravel Forge Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Laravel Forge destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Laravel Forge destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Laravel Forge destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - laravel-forge name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - laravel-forge destinationConfig: type: object properties: orgSlug: type: string minLength: 1 maxLength: 512 description: The slug of the Laravel Forge org to sync secrets to. orgName: type: string description: The name of the Laravel Forge org to sync secrets to. serverId: type: string minLength: 1 description: The ID of the Laravel Forge server to sync secrets to. serverName: type: string description: The name of the Laravel Forge server to sync secrets to. siteId: type: string minLength: 1 description: The ID of the Laravel Forge site to sync secrets to. siteName: type: string description: The name of the Laravel Forge site to sync secrets to. required: - orgSlug - serverId - siteId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Laravel Forge required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/laravel-forge/{syncId}/remove-secrets: post: operationId: removeLaravelForgeSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Laravel Forge Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Laravel Forge Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Laravel Forge destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Laravel Forge destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Laravel Forge destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - laravel-forge name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - laravel-forge destinationConfig: type: object properties: orgSlug: type: string minLength: 1 maxLength: 512 description: The slug of the Laravel Forge org to sync secrets to. orgName: type: string description: The name of the Laravel Forge org to sync secrets to. serverId: type: string minLength: 1 description: The ID of the Laravel Forge server to sync secrets to. serverName: type: string description: The name of the Laravel Forge server to sync secrets to. siteId: type: string minLength: 1 description: The ID of the Laravel Forge site to sync secrets to. siteName: type: string description: The name of the Laravel Forge site to sync secrets to. required: - orgSlug - serverId - siteId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Laravel Forge required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/chef: get: operationId: listChefSecretSyncs tags: - Secret Syncs description: List the Chef Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Chef Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Chef destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Chef destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Chef destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - chef name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - chef destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag to sync secrets to. dataBagItemName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag item to sync secrets to. required: - dataBagName - dataBagItemName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Chef required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createChefSecretSync tags: - Secret Syncs description: Create a Chef Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Chef Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Chef Sync. connectionId: type: string format: uuid description: The ID of the Chef Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Chef destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Chef destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Chef destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag to sync secrets to. dataBagItemName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag item to sync secrets to. required: - dataBagName - dataBagItemName additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Chef destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Chef destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Chef destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - chef name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - chef destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag to sync secrets to. dataBagItemName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag item to sync secrets to. required: - dataBagName - dataBagItemName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Chef required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/chef/{syncId}: get: operationId: getChefSecretSync tags: - Secret Syncs description: Get the specified Chef Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Chef Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Chef destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Chef destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Chef destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - chef name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - chef destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag to sync secrets to. dataBagItemName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag item to sync secrets to. required: - dataBagName - dataBagItemName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Chef required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateChefSecretSync tags: - Secret Syncs description: Update the specified Chef Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Chef Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Chef Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Chef Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Chef destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Chef destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Chef destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag to sync secrets to. dataBagItemName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag item to sync secrets to. required: - dataBagName - dataBagItemName additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Chef Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Chef destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Chef destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Chef destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - chef name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - chef destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag to sync secrets to. dataBagItemName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag item to sync secrets to. required: - dataBagName - dataBagItemName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Chef required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteChefSecretSync tags: - Secret Syncs description: Delete the specified Chef Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Chef Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Chef destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Chef destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Chef destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - chef name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - chef destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag to sync secrets to. dataBagItemName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag item to sync secrets to. required: - dataBagName - dataBagItemName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Chef required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/chef/sync-name/{syncName}: get: operationId: getChefSecretSyncByName tags: - Secret Syncs description: Get the specified Chef Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Chef Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Chef Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Chef destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Chef destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Chef destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - chef name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - chef destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag to sync secrets to. dataBagItemName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag item to sync secrets to. required: - dataBagName - dataBagItemName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Chef required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/chef/{syncId}/sync-secrets: post: operationId: syncChefSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Chef Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Chef Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Chef destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Chef destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Chef destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - chef name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - chef destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag to sync secrets to. dataBagItemName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag item to sync secrets to. required: - dataBagName - dataBagItemName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Chef required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/chef/{syncId}/import-secrets: post: operationId: importChefSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Chef Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Chef. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Chef Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Chef destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Chef destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Chef destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - chef name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - chef destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag to sync secrets to. dataBagItemName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag item to sync secrets to. required: - dataBagName - dataBagItemName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Chef required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/chef/{syncId}/remove-secrets: post: operationId: removeChefSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Chef Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Chef Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Chef destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Chef destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Chef destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - chef name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - chef destinationConfig: type: object properties: dataBagName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag to sync secrets to. dataBagItemName: type: string minLength: 1 maxLength: 256 description: The name of the Chef data bag item to sync secrets to. required: - dataBagName - dataBagItemName additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Chef required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/octopus-deploy: get: operationId: listOctopusDeploySecretSyncs tags: - Secret Syncs description: List the Octopus Deploy Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Octopus Deploy Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Octopus Deploy destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Octopus Deploy destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Octopus Deploy destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - octopus-deploy name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - octopus-deploy destinationConfig: allOf: - type: object properties: spaceId: type: string minLength: 1 description: The ID of the Octopus Deploy space to sync secrets to. spaceName: type: string description: The name of the Octopus Deploy space to sync secrets to. scope: type: string enum: - project default: project required: - spaceId - anyOf: - type: object properties: scope: type: string enum: - project projectId: type: string minLength: 1 description: The ID of the Octopus Deploy project to sync secrets to. projectName: type: string description: The name of the Octopus Deploy project to sync secrets to. scopeValues: type: object properties: environments: type: array items: type: string roles: type: array items: type: string machines: type: array items: type: string processes: type: array items: type: string actions: type: array items: type: string channels: type: array items: type: string additionalProperties: false description: The Octopus Deploy scope values that secrets should be synced to. required: - scope - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Octopus Deploy required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createOctopusDeploySecretSync tags: - Secret Syncs description: Create an Octopus Deploy Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Octopus Deploy Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Octopus Deploy Sync. connectionId: type: string format: uuid description: The ID of the Octopus Deploy Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Octopus Deploy destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Octopus Deploy destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Octopus Deploy destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: allOf: - type: object properties: spaceId: type: string minLength: 1 description: The ID of the Octopus Deploy space to sync secrets to. spaceName: type: string description: The name of the Octopus Deploy space to sync secrets to. scope: type: string enum: - project default: project required: - spaceId - anyOf: - type: object properties: scope: type: string enum: - project projectId: type: string minLength: 1 description: The ID of the Octopus Deploy project to sync secrets to. projectName: type: string description: The name of the Octopus Deploy project to sync secrets to. scopeValues: type: object properties: environments: type: array items: type: string roles: type: array items: type: string machines: type: array items: type: string processes: type: array items: type: string actions: type: array items: type: string channels: type: array items: type: string additionalProperties: false description: The Octopus Deploy scope values that secrets should be synced to. required: - scope - projectId additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Octopus Deploy destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Octopus Deploy destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Octopus Deploy destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - octopus-deploy name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - octopus-deploy destinationConfig: allOf: - type: object properties: spaceId: type: string minLength: 1 description: The ID of the Octopus Deploy space to sync secrets to. spaceName: type: string description: The name of the Octopus Deploy space to sync secrets to. scope: type: string enum: - project default: project required: - spaceId - anyOf: - type: object properties: scope: type: string enum: - project projectId: type: string minLength: 1 description: The ID of the Octopus Deploy project to sync secrets to. projectName: type: string description: The name of the Octopus Deploy project to sync secrets to. scopeValues: type: object properties: environments: type: array items: type: string roles: type: array items: type: string machines: type: array items: type: string processes: type: array items: type: string actions: type: array items: type: string channels: type: array items: type: string additionalProperties: false description: The Octopus Deploy scope values that secrets should be synced to. required: - scope - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Octopus Deploy required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/octopus-deploy/{syncId}: get: operationId: getOctopusDeploySecretSync tags: - Secret Syncs description: Get the specified Octopus Deploy Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Octopus Deploy Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Octopus Deploy destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Octopus Deploy destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Octopus Deploy destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - octopus-deploy name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - octopus-deploy destinationConfig: allOf: - type: object properties: spaceId: type: string minLength: 1 description: The ID of the Octopus Deploy space to sync secrets to. spaceName: type: string description: The name of the Octopus Deploy space to sync secrets to. scope: type: string enum: - project default: project required: - spaceId - anyOf: - type: object properties: scope: type: string enum: - project projectId: type: string minLength: 1 description: The ID of the Octopus Deploy project to sync secrets to. projectName: type: string description: The name of the Octopus Deploy project to sync secrets to. scopeValues: type: object properties: environments: type: array items: type: string roles: type: array items: type: string machines: type: array items: type: string processes: type: array items: type: string actions: type: array items: type: string channels: type: array items: type: string additionalProperties: false description: The Octopus Deploy scope values that secrets should be synced to. required: - scope - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Octopus Deploy required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOctopusDeploySecretSync tags: - Secret Syncs description: Update the specified Octopus Deploy Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Octopus Deploy Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Octopus Deploy Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Octopus Deploy Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Octopus Deploy destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Octopus Deploy destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Octopus Deploy destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: allOf: - type: object properties: spaceId: type: string minLength: 1 description: The ID of the Octopus Deploy space to sync secrets to. spaceName: type: string description: The name of the Octopus Deploy space to sync secrets to. scope: type: string enum: - project default: project required: - spaceId - anyOf: - type: object properties: scope: type: string enum: - project projectId: type: string minLength: 1 description: The ID of the Octopus Deploy project to sync secrets to. projectName: type: string description: The name of the Octopus Deploy project to sync secrets to. scopeValues: type: object properties: environments: type: array items: type: string roles: type: array items: type: string machines: type: array items: type: string processes: type: array items: type: string actions: type: array items: type: string channels: type: array items: type: string additionalProperties: false description: The Octopus Deploy scope values that secrets should be synced to. required: - scope - projectId additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Octopus Deploy Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Octopus Deploy destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Octopus Deploy destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Octopus Deploy destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - octopus-deploy name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - octopus-deploy destinationConfig: allOf: - type: object properties: spaceId: type: string minLength: 1 description: The ID of the Octopus Deploy space to sync secrets to. spaceName: type: string description: The name of the Octopus Deploy space to sync secrets to. scope: type: string enum: - project default: project required: - spaceId - anyOf: - type: object properties: scope: type: string enum: - project projectId: type: string minLength: 1 description: The ID of the Octopus Deploy project to sync secrets to. projectName: type: string description: The name of the Octopus Deploy project to sync secrets to. scopeValues: type: object properties: environments: type: array items: type: string roles: type: array items: type: string machines: type: array items: type: string processes: type: array items: type: string actions: type: array items: type: string channels: type: array items: type: string additionalProperties: false description: The Octopus Deploy scope values that secrets should be synced to. required: - scope - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Octopus Deploy required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOctopusDeploySecretSync tags: - Secret Syncs description: Delete the specified Octopus Deploy Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Octopus Deploy Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Octopus Deploy destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Octopus Deploy destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Octopus Deploy destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - octopus-deploy name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - octopus-deploy destinationConfig: allOf: - type: object properties: spaceId: type: string minLength: 1 description: The ID of the Octopus Deploy space to sync secrets to. spaceName: type: string description: The name of the Octopus Deploy space to sync secrets to. scope: type: string enum: - project default: project required: - spaceId - anyOf: - type: object properties: scope: type: string enum: - project projectId: type: string minLength: 1 description: The ID of the Octopus Deploy project to sync secrets to. projectName: type: string description: The name of the Octopus Deploy project to sync secrets to. scopeValues: type: object properties: environments: type: array items: type: string roles: type: array items: type: string machines: type: array items: type: string processes: type: array items: type: string actions: type: array items: type: string channels: type: array items: type: string additionalProperties: false description: The Octopus Deploy scope values that secrets should be synced to. required: - scope - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Octopus Deploy required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/octopus-deploy/sync-name/{syncName}: get: operationId: getOctopusDeploySecretSyncByName tags: - Secret Syncs description: Get the specified Octopus Deploy Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Octopus Deploy Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Octopus Deploy Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Octopus Deploy destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Octopus Deploy destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Octopus Deploy destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - octopus-deploy name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - octopus-deploy destinationConfig: allOf: - type: object properties: spaceId: type: string minLength: 1 description: The ID of the Octopus Deploy space to sync secrets to. spaceName: type: string description: The name of the Octopus Deploy space to sync secrets to. scope: type: string enum: - project default: project required: - spaceId - anyOf: - type: object properties: scope: type: string enum: - project projectId: type: string minLength: 1 description: The ID of the Octopus Deploy project to sync secrets to. projectName: type: string description: The name of the Octopus Deploy project to sync secrets to. scopeValues: type: object properties: environments: type: array items: type: string roles: type: array items: type: string machines: type: array items: type: string processes: type: array items: type: string actions: type: array items: type: string channels: type: array items: type: string additionalProperties: false description: The Octopus Deploy scope values that secrets should be synced to. required: - scope - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Octopus Deploy required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/octopus-deploy/{syncId}/sync-secrets: post: operationId: syncOctopusDeploySecretSync tags: - Secret Syncs description: Trigger a sync for the specified Octopus Deploy Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Octopus Deploy Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Octopus Deploy destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Octopus Deploy destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Octopus Deploy destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - octopus-deploy name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - octopus-deploy destinationConfig: allOf: - type: object properties: spaceId: type: string minLength: 1 description: The ID of the Octopus Deploy space to sync secrets to. spaceName: type: string description: The name of the Octopus Deploy space to sync secrets to. scope: type: string enum: - project default: project required: - spaceId - anyOf: - type: object properties: scope: type: string enum: - project projectId: type: string minLength: 1 description: The ID of the Octopus Deploy project to sync secrets to. projectName: type: string description: The name of the Octopus Deploy project to sync secrets to. scopeValues: type: object properties: environments: type: array items: type: string roles: type: array items: type: string machines: type: array items: type: string processes: type: array items: type: string actions: type: array items: type: string channels: type: array items: type: string additionalProperties: false description: The Octopus Deploy scope values that secrets should be synced to. required: - scope - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Octopus Deploy required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/octopus-deploy/{syncId}/import-secrets: post: operationId: importOctopusDeploySecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Octopus Deploy Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Octopus Deploy. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Octopus Deploy Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Octopus Deploy destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Octopus Deploy destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Octopus Deploy destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - octopus-deploy name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - octopus-deploy destinationConfig: allOf: - type: object properties: spaceId: type: string minLength: 1 description: The ID of the Octopus Deploy space to sync secrets to. spaceName: type: string description: The name of the Octopus Deploy space to sync secrets to. scope: type: string enum: - project default: project required: - spaceId - anyOf: - type: object properties: scope: type: string enum: - project projectId: type: string minLength: 1 description: The ID of the Octopus Deploy project to sync secrets to. projectName: type: string description: The name of the Octopus Deploy project to sync secrets to. scopeValues: type: object properties: environments: type: array items: type: string roles: type: array items: type: string machines: type: array items: type: string processes: type: array items: type: string actions: type: array items: type: string channels: type: array items: type: string additionalProperties: false description: The Octopus Deploy scope values that secrets should be synced to. required: - scope - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Octopus Deploy required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/octopus-deploy/{syncId}/remove-secrets: post: operationId: removeOctopusDeploySecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Octopus Deploy Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Octopus Deploy Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Octopus Deploy destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Octopus Deploy destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Octopus Deploy destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - octopus-deploy name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - octopus-deploy destinationConfig: allOf: - type: object properties: spaceId: type: string minLength: 1 description: The ID of the Octopus Deploy space to sync secrets to. spaceName: type: string description: The name of the Octopus Deploy space to sync secrets to. scope: type: string enum: - project default: project required: - spaceId - anyOf: - type: object properties: scope: type: string enum: - project projectId: type: string minLength: 1 description: The ID of the Octopus Deploy project to sync secrets to. projectName: type: string description: The name of the Octopus Deploy project to sync secrets to. scopeValues: type: object properties: environments: type: array items: type: string roles: type: array items: type: string machines: type: array items: type: string processes: type: array items: type: string actions: type: array items: type: string channels: type: array items: type: string additionalProperties: false description: The Octopus Deploy scope values that secrets should be synced to. required: - scope - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Octopus Deploy required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/circleci: get: operationId: listCircleciSecretSyncs tags: - Secret Syncs description: List the CircleCI Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list CircleCI Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the CircleCI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the CircleCI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the CircleCI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - circleci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - circleci destinationConfig: type: object properties: orgName: type: string minLength: 1 projectName: type: string minLength: 1 projectId: type: string minLength: 1 required: - orgName - projectName - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: CircleCI required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createCircleciSecretSync tags: - Secret Syncs description: Create a CircleCI Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the CircleCI Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the CircleCI Sync. connectionId: type: string format: uuid description: The ID of the CircleCI Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the CircleCI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the CircleCI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the CircleCI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: orgName: type: string minLength: 1 description: The CircleCI organization name to sync secrets to. projectName: type: string minLength: 1 description: The CircleCI project name to sync secrets to. projectId: type: string minLength: 1 description: The CircleCI project ID to sync secrets to. required: - orgName - projectName - projectId additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the CircleCI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the CircleCI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the CircleCI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - circleci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - circleci destinationConfig: type: object properties: orgName: type: string minLength: 1 projectName: type: string minLength: 1 projectId: type: string minLength: 1 required: - orgName - projectName - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: CircleCI required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/circleci/{syncId}: get: operationId: getCircleciSecretSync tags: - Secret Syncs description: Get the specified CircleCI Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the CircleCI Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the CircleCI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the CircleCI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the CircleCI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - circleci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - circleci destinationConfig: type: object properties: orgName: type: string minLength: 1 projectName: type: string minLength: 1 projectId: type: string minLength: 1 required: - orgName - projectName - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: CircleCI required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateCircleciSecretSync tags: - Secret Syncs description: Update the specified CircleCI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the CircleCI Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the CircleCI Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the CircleCI Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the CircleCI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the CircleCI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the CircleCI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: orgName: type: string minLength: 1 projectName: type: string minLength: 1 projectId: type: string minLength: 1 required: - orgName - projectName - projectId additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the CircleCI Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the CircleCI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the CircleCI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the CircleCI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - circleci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - circleci destinationConfig: type: object properties: orgName: type: string minLength: 1 projectName: type: string minLength: 1 projectId: type: string minLength: 1 required: - orgName - projectName - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: CircleCI required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteCircleciSecretSync tags: - Secret Syncs description: Delete the specified CircleCI Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the CircleCI Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the CircleCI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the CircleCI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the CircleCI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - circleci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - circleci destinationConfig: type: object properties: orgName: type: string minLength: 1 projectName: type: string minLength: 1 projectId: type: string minLength: 1 required: - orgName - projectName - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: CircleCI required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/circleci/sync-name/{syncName}: get: operationId: getCircleciSecretSyncByName tags: - Secret Syncs description: Get the specified CircleCI Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the CircleCI Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the CircleCI Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the CircleCI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the CircleCI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the CircleCI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - circleci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - circleci destinationConfig: type: object properties: orgName: type: string minLength: 1 projectName: type: string minLength: 1 projectId: type: string minLength: 1 required: - orgName - projectName - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: CircleCI required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/circleci/{syncId}/sync-secrets: post: operationId: syncCircleciSecretSync tags: - Secret Syncs description: Trigger a sync for the specified CircleCI Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the CircleCI Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the CircleCI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the CircleCI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the CircleCI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - circleci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - circleci destinationConfig: type: object properties: orgName: type: string minLength: 1 projectName: type: string minLength: 1 projectId: type: string minLength: 1 required: - orgName - projectName - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: CircleCI required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/circleci/{syncId}/import-secrets: post: operationId: importCircleciSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified CircleCI Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or CircleCI. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the CircleCI Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the CircleCI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the CircleCI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the CircleCI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - circleci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - circleci destinationConfig: type: object properties: orgName: type: string minLength: 1 projectName: type: string minLength: 1 projectId: type: string minLength: 1 required: - orgName - projectName - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: CircleCI required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/circleci/{syncId}/remove-secrets: post: operationId: removeCircleciSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified CircleCI Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the CircleCI Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the CircleCI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the CircleCI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the CircleCI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - circleci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - circleci destinationConfig: type: object properties: orgName: type: string minLength: 1 projectName: type: string minLength: 1 projectId: type: string minLength: 1 required: - orgName - projectName - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: CircleCI required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-entra-id-scim: get: operationId: listAzureEntraIdScimSecretSyncs tags: - Secret Syncs description: List the Azure Entra ID SCIM Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Azure Entra ID SCIM Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure Entra ID SCIM destination. keySchema: type: string description: Not supported for Azure Entra ID SCIM syncs. disableSecretDeletion: anyOf: - type: boolean enum: - false - not: {} description: Not supported for Azure Entra ID SCIM syncs. secretId: type: string format: uuid description: The ID of the Infisical secret whose value will be used as the SCIM provisioning token. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-entra-id name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-entra-id-scim destinationConfig: type: object properties: servicePrincipalId: type: string format: uuid minLength: 1 description: The Object ID of the Azure Entra ID Enterprise Application service principal to sync the SCIM token to. servicePrincipalDisplayName: type: string description: The display name of the Azure Entra ID Enterprise Application service principal. required: - servicePrincipalId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Entra ID SCIM required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAzureEntraIdScimSecretSync tags: - Secret Syncs description: Create an Azure Entra ID SCIM Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Azure Entra ID SCIM Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Azure Entra ID SCIM Sync. connectionId: type: string format: uuid description: The ID of the Azure Entra ID Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure Entra ID SCIM destination. keySchema: type: string description: Not supported for Azure Entra ID SCIM syncs. disableSecretDeletion: anyOf: - type: boolean enum: - false - not: {} description: Not supported for Azure Entra ID SCIM syncs. secretKey: type: string minLength: 1 description: The key of the Infisical secret whose value will be used as the SCIM provisioning token. required: - initialSyncBehavior - secretKey additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: servicePrincipalId: type: string format: uuid minLength: 1 description: The Object ID of the Azure Entra ID Enterprise Application service principal to sync the SCIM token to. servicePrincipalDisplayName: type: string description: The display name of the Azure Entra ID Enterprise Application service principal. required: - servicePrincipalId additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure Entra ID SCIM destination. keySchema: type: string description: Not supported for Azure Entra ID SCIM syncs. disableSecretDeletion: anyOf: - type: boolean enum: - false - not: {} description: Not supported for Azure Entra ID SCIM syncs. secretId: type: string format: uuid description: The ID of the Infisical secret whose value will be used as the SCIM provisioning token. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-entra-id name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-entra-id-scim destinationConfig: type: object properties: servicePrincipalId: type: string format: uuid minLength: 1 description: The Object ID of the Azure Entra ID Enterprise Application service principal to sync the SCIM token to. servicePrincipalDisplayName: type: string description: The display name of the Azure Entra ID Enterprise Application service principal. required: - servicePrincipalId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Entra ID SCIM required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-entra-id-scim/{syncId}: get: operationId: getAzureEntraIdScimSecretSync tags: - Secret Syncs description: Get the specified Azure Entra ID SCIM Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure Entra ID SCIM Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure Entra ID SCIM destination. keySchema: type: string description: Not supported for Azure Entra ID SCIM syncs. disableSecretDeletion: anyOf: - type: boolean enum: - false - not: {} description: Not supported for Azure Entra ID SCIM syncs. secretId: type: string format: uuid description: The ID of the Infisical secret whose value will be used as the SCIM provisioning token. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-entra-id name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-entra-id-scim destinationConfig: type: object properties: servicePrincipalId: type: string format: uuid minLength: 1 description: The Object ID of the Azure Entra ID Enterprise Application service principal to sync the SCIM token to. servicePrincipalDisplayName: type: string description: The display name of the Azure Entra ID Enterprise Application service principal. required: - servicePrincipalId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Entra ID SCIM required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAzureEntraIdScimSecretSync tags: - Secret Syncs description: Update the specified Azure Entra ID SCIM Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Azure Entra ID SCIM Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Azure Entra ID Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Azure Entra ID SCIM Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure Entra ID SCIM destination. keySchema: type: string description: Not supported for Azure Entra ID SCIM syncs. disableSecretDeletion: anyOf: - type: boolean enum: - false - not: {} description: Not supported for Azure Entra ID SCIM syncs. secretKey: type: string minLength: 1 description: The key of the Infisical secret whose value will be used as the SCIM provisioning token. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: servicePrincipalId: type: string format: uuid minLength: 1 description: The Object ID of the Azure Entra ID Enterprise Application service principal to sync the SCIM token to. servicePrincipalDisplayName: type: string description: The display name of the Azure Entra ID Enterprise Application service principal. required: - servicePrincipalId additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure Entra ID SCIM Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure Entra ID SCIM destination. keySchema: type: string description: Not supported for Azure Entra ID SCIM syncs. disableSecretDeletion: anyOf: - type: boolean enum: - false - not: {} description: Not supported for Azure Entra ID SCIM syncs. secretId: type: string format: uuid description: The ID of the Infisical secret whose value will be used as the SCIM provisioning token. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-entra-id name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-entra-id-scim destinationConfig: type: object properties: servicePrincipalId: type: string format: uuid minLength: 1 description: The Object ID of the Azure Entra ID Enterprise Application service principal to sync the SCIM token to. servicePrincipalDisplayName: type: string description: The display name of the Azure Entra ID Enterprise Application service principal. required: - servicePrincipalId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Entra ID SCIM required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAzureEntraIdScimSecretSync tags: - Secret Syncs description: Delete the specified Azure Entra ID SCIM Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure Entra ID SCIM Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure Entra ID SCIM destination. keySchema: type: string description: Not supported for Azure Entra ID SCIM syncs. disableSecretDeletion: anyOf: - type: boolean enum: - false - not: {} description: Not supported for Azure Entra ID SCIM syncs. secretId: type: string format: uuid description: The ID of the Infisical secret whose value will be used as the SCIM provisioning token. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-entra-id name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-entra-id-scim destinationConfig: type: object properties: servicePrincipalId: type: string format: uuid minLength: 1 description: The Object ID of the Azure Entra ID Enterprise Application service principal to sync the SCIM token to. servicePrincipalDisplayName: type: string description: The display name of the Azure Entra ID Enterprise Application service principal. required: - servicePrincipalId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Entra ID SCIM required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-entra-id-scim/sync-name/{syncName}: get: operationId: getAzureEntraIdScimSecretSyncByName tags: - Secret Syncs description: Get the specified Azure Entra ID SCIM Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Azure Entra ID SCIM Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Azure Entra ID SCIM Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure Entra ID SCIM destination. keySchema: type: string description: Not supported for Azure Entra ID SCIM syncs. disableSecretDeletion: anyOf: - type: boolean enum: - false - not: {} description: Not supported for Azure Entra ID SCIM syncs. secretId: type: string format: uuid description: The ID of the Infisical secret whose value will be used as the SCIM provisioning token. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-entra-id name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-entra-id-scim destinationConfig: type: object properties: servicePrincipalId: type: string format: uuid minLength: 1 description: The Object ID of the Azure Entra ID Enterprise Application service principal to sync the SCIM token to. servicePrincipalDisplayName: type: string description: The display name of the Azure Entra ID Enterprise Application service principal. required: - servicePrincipalId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Entra ID SCIM required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-entra-id-scim/{syncId}/sync-secrets: post: operationId: syncAzureEntraIdScimSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Azure Entra ID SCIM Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure Entra ID SCIM Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure Entra ID SCIM destination. keySchema: type: string description: Not supported for Azure Entra ID SCIM syncs. disableSecretDeletion: anyOf: - type: boolean enum: - false - not: {} description: Not supported for Azure Entra ID SCIM syncs. secretId: type: string format: uuid description: The ID of the Infisical secret whose value will be used as the SCIM provisioning token. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-entra-id name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-entra-id-scim destinationConfig: type: object properties: servicePrincipalId: type: string format: uuid minLength: 1 description: The Object ID of the Azure Entra ID Enterprise Application service principal to sync the SCIM token to. servicePrincipalDisplayName: type: string description: The display name of the Azure Entra ID Enterprise Application service principal. required: - servicePrincipalId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Entra ID SCIM required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-entra-id-scim/{syncId}/import-secrets: post: operationId: importAzureEntraIdScimSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Azure Entra ID SCIM Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Azure Entra ID SCIM. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure Entra ID SCIM Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure Entra ID SCIM destination. keySchema: type: string description: Not supported for Azure Entra ID SCIM syncs. disableSecretDeletion: anyOf: - type: boolean enum: - false - not: {} description: Not supported for Azure Entra ID SCIM syncs. secretId: type: string format: uuid description: The ID of the Infisical secret whose value will be used as the SCIM provisioning token. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-entra-id name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-entra-id-scim destinationConfig: type: object properties: servicePrincipalId: type: string format: uuid minLength: 1 description: The Object ID of the Azure Entra ID Enterprise Application service principal to sync the SCIM token to. servicePrincipalDisplayName: type: string description: The display name of the Azure Entra ID Enterprise Application service principal. required: - servicePrincipalId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Entra ID SCIM required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/azure-entra-id-scim/{syncId}/remove-secrets: post: operationId: removeAzureEntraIdScimSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Azure Entra ID SCIM Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Azure Entra ID SCIM Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Azure Entra ID SCIM destination. keySchema: type: string description: Not supported for Azure Entra ID SCIM syncs. disableSecretDeletion: anyOf: - type: boolean enum: - false - not: {} description: Not supported for Azure Entra ID SCIM syncs. secretId: type: string format: uuid description: The ID of the Infisical secret whose value will be used as the SCIM provisioning token. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - azure-entra-id name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - azure-entra-id-scim destinationConfig: type: object properties: servicePrincipalId: type: string format: uuid minLength: 1 description: The Object ID of the Azure Entra ID Enterprise Application service principal to sync the SCIM token to. servicePrincipalDisplayName: type: string description: The display name of the Azure Entra ID Enterprise Application service principal. required: - servicePrincipalId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Azure Entra ID SCIM required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/external-infisical: get: operationId: listExternalInfisicalSecretSyncs tags: - Secret Syncs description: List the Infisical Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Infisical Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Infisical destination. keySchema: type: string description: Not supported for Infisical syncs. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Infisical destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - external-infisical name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - external-infisical destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the project on the external Infisical instance to sync secrets to. environment: type: string minLength: 1 description: The environment slug on the external Infisical instance to sync secrets to. secretPath: type: string minLength: 1 description: The secret path on the external Infisical instance to sync secrets to. required: - projectId - environment - secretPath additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Infisical required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createExternalInfisicalSecretSync tags: - Secret Syncs description: Create an Infisical Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Infisical Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Infisical Sync. connectionId: type: string format: uuid description: The ID of the Infisical Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Infisical destination. keySchema: type: string description: Not supported for Infisical syncs. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Infisical destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the project on the external Infisical instance to sync secrets to. environment: type: string minLength: 1 description: The environment slug on the external Infisical instance to sync secrets to. secretPath: type: string minLength: 1 description: The secret path on the external Infisical instance to sync secrets to. required: - projectId - environment - secretPath additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Infisical destination. keySchema: type: string description: Not supported for Infisical syncs. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Infisical destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - external-infisical name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - external-infisical destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the project on the external Infisical instance to sync secrets to. environment: type: string minLength: 1 description: The environment slug on the external Infisical instance to sync secrets to. secretPath: type: string minLength: 1 description: The secret path on the external Infisical instance to sync secrets to. required: - projectId - environment - secretPath additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Infisical required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/external-infisical/{syncId}: get: operationId: getExternalInfisicalSecretSync tags: - Secret Syncs description: Get the specified Infisical Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Infisical Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Infisical destination. keySchema: type: string description: Not supported for Infisical syncs. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Infisical destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - external-infisical name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - external-infisical destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the project on the external Infisical instance to sync secrets to. environment: type: string minLength: 1 description: The environment slug on the external Infisical instance to sync secrets to. secretPath: type: string minLength: 1 description: The secret path on the external Infisical instance to sync secrets to. required: - projectId - environment - secretPath additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Infisical required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateExternalInfisicalSecretSync tags: - Secret Syncs description: Update the specified Infisical Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Infisical Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Infisical Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Infisical Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Infisical destination. keySchema: type: string description: Not supported for Infisical syncs. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Infisical destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the project on the external Infisical instance to sync secrets to. environment: type: string minLength: 1 description: The environment slug on the external Infisical instance to sync secrets to. secretPath: type: string minLength: 1 description: The secret path on the external Infisical instance to sync secrets to. required: - projectId - environment - secretPath additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Infisical Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Infisical destination. keySchema: type: string description: Not supported for Infisical syncs. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Infisical destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - external-infisical name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - external-infisical destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the project on the external Infisical instance to sync secrets to. environment: type: string minLength: 1 description: The environment slug on the external Infisical instance to sync secrets to. secretPath: type: string minLength: 1 description: The secret path on the external Infisical instance to sync secrets to. required: - projectId - environment - secretPath additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Infisical required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteExternalInfisicalSecretSync tags: - Secret Syncs description: Delete the specified Infisical Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Infisical Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Infisical destination. keySchema: type: string description: Not supported for Infisical syncs. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Infisical destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - external-infisical name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - external-infisical destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the project on the external Infisical instance to sync secrets to. environment: type: string minLength: 1 description: The environment slug on the external Infisical instance to sync secrets to. secretPath: type: string minLength: 1 description: The secret path on the external Infisical instance to sync secrets to. required: - projectId - environment - secretPath additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Infisical required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/external-infisical/sync-name/{syncName}: get: operationId: getExternalInfisicalSecretSyncByName tags: - Secret Syncs description: Get the specified Infisical Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Infisical Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Infisical Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Infisical destination. keySchema: type: string description: Not supported for Infisical syncs. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Infisical destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - external-infisical name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - external-infisical destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the project on the external Infisical instance to sync secrets to. environment: type: string minLength: 1 description: The environment slug on the external Infisical instance to sync secrets to. secretPath: type: string minLength: 1 description: The secret path on the external Infisical instance to sync secrets to. required: - projectId - environment - secretPath additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Infisical required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/external-infisical/{syncId}/sync-secrets: post: operationId: syncExternalInfisicalSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Infisical Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Infisical Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Infisical destination. keySchema: type: string description: Not supported for Infisical syncs. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Infisical destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - external-infisical name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - external-infisical destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the project on the external Infisical instance to sync secrets to. environment: type: string minLength: 1 description: The environment slug on the external Infisical instance to sync secrets to. secretPath: type: string minLength: 1 description: The secret path on the external Infisical instance to sync secrets to. required: - projectId - environment - secretPath additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Infisical required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/external-infisical/{syncId}/import-secrets: post: operationId: importExternalInfisicalSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Infisical Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Infisical. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Infisical Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Infisical destination. keySchema: type: string description: Not supported for Infisical syncs. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Infisical destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - external-infisical name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - external-infisical destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the project on the external Infisical instance to sync secrets to. environment: type: string minLength: 1 description: The environment slug on the external Infisical instance to sync secrets to. secretPath: type: string minLength: 1 description: The secret path on the external Infisical instance to sync secrets to. required: - projectId - environment - secretPath additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Infisical required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/external-infisical/{syncId}/remove-secrets: post: operationId: removeExternalInfisicalSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Infisical Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Infisical Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the Infisical destination. keySchema: type: string description: Not supported for Infisical syncs. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Infisical destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - external-infisical name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - external-infisical destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The ID of the project on the external Infisical instance to sync secrets to. environment: type: string minLength: 1 description: The environment slug on the external Infisical instance to sync secrets to. secretPath: type: string minLength: 1 description: The secret path on the external Infisical instance to sync secrets to. required: - projectId - environment - secretPath additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Infisical required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/ovh: get: operationId: listOvhSecretSyncs tags: - Secret Syncs description: List the OVH Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list OVH Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OVH destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OVH destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OVH destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ovh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ovh destinationConfig: type: object properties: path: type: string minLength: 1 maxLength: 128 description: The path in OVH OKMS where secrets will be stored as key/value pairs. required: - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OVH required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createOvhSecretSync tags: - Secret Syncs description: Create an OVH Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the OVH Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the OVH Sync. connectionId: type: string format: uuid description: The ID of the OVH Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OVH destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OVH destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OVH destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: path: type: string minLength: 1 maxLength: 128 description: The path in OVH OKMS where secrets will be stored as key/value pairs. required: - path additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OVH destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OVH destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OVH destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ovh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ovh destinationConfig: type: object properties: path: type: string minLength: 1 maxLength: 128 description: The path in OVH OKMS where secrets will be stored as key/value pairs. required: - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OVH required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/ovh/{syncId}: get: operationId: getOvhSecretSync tags: - Secret Syncs description: Get the specified OVH Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the OVH Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OVH destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OVH destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OVH destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ovh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ovh destinationConfig: type: object properties: path: type: string minLength: 1 maxLength: 128 description: The path in OVH OKMS where secrets will be stored as key/value pairs. required: - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OVH required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOvhSecretSync tags: - Secret Syncs description: Update the specified OVH Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the OVH Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the OVH Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the OVH Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OVH destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OVH destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OVH destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: path: type: string minLength: 1 maxLength: 128 description: The path in OVH OKMS where secrets will be stored as key/value pairs. required: - path additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the OVH Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OVH destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OVH destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OVH destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ovh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ovh destinationConfig: type: object properties: path: type: string minLength: 1 maxLength: 128 description: The path in OVH OKMS where secrets will be stored as key/value pairs. required: - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OVH required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOvhSecretSync tags: - Secret Syncs description: Delete the specified OVH Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the OVH Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OVH destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OVH destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OVH destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ovh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ovh destinationConfig: type: object properties: path: type: string minLength: 1 maxLength: 128 description: The path in OVH OKMS where secrets will be stored as key/value pairs. required: - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OVH required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/ovh/sync-name/{syncName}: get: operationId: getOvhSecretSyncByName tags: - Secret Syncs description: Get the specified OVH Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the OVH Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the OVH Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OVH destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OVH destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OVH destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ovh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ovh destinationConfig: type: object properties: path: type: string minLength: 1 maxLength: 128 description: The path in OVH OKMS where secrets will be stored as key/value pairs. required: - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OVH required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/ovh/{syncId}/sync-secrets: post: operationId: syncOvhSecretSync tags: - Secret Syncs description: Trigger a sync for the specified OVH Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the OVH Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OVH destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OVH destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OVH destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ovh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ovh destinationConfig: type: object properties: path: type: string minLength: 1 maxLength: 128 description: The path in OVH OKMS where secrets will be stored as key/value pairs. required: - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OVH required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/ovh/{syncId}/import-secrets: post: operationId: importOvhSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified OVH Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or OVH. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the OVH Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OVH destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OVH destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OVH destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ovh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ovh destinationConfig: type: object properties: path: type: string minLength: 1 maxLength: 128 description: The path in OVH OKMS where secrets will be stored as key/value pairs. required: - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OVH required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/ovh/{syncId}/remove-secrets: post: operationId: removeOvhSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified OVH Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the OVH Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination - import-prioritize-source - import-prioritize-destination description: Specify how Infisical should resolve the initial sync to the OVH destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the OVH destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the OVH destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ovh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ovh destinationConfig: type: object properties: path: type: string minLength: 1 maxLength: 128 description: The path in OVH OKMS where secrets will be stored as key/value pairs. required: - path additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: OVH required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/devin: get: operationId: listDevinSecretSyncs tags: - Secret Syncs description: List the Devin Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Devin Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Devin destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Devin destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Devin destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - devin name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - devin destinationConfig: type: object properties: orgId: type: string minLength: 1 pattern: ^org\- description: The Devin organization ID to sync secrets to. required: - orgId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Devin required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createDevinSecretSync tags: - Secret Syncs description: Create a Devin Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Devin Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Devin Sync. connectionId: type: string format: uuid description: The ID of the Devin Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Devin destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Devin destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Devin destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: orgId: type: string minLength: 1 pattern: ^org\- description: The Devin organization ID to sync secrets to. required: - orgId additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Devin destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Devin destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Devin destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - devin name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - devin destinationConfig: type: object properties: orgId: type: string minLength: 1 pattern: ^org\- description: The Devin organization ID to sync secrets to. required: - orgId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Devin required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/devin/{syncId}: get: operationId: getDevinSecretSync tags: - Secret Syncs description: Get the specified Devin Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Devin Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Devin destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Devin destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Devin destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - devin name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - devin destinationConfig: type: object properties: orgId: type: string minLength: 1 pattern: ^org\- description: The Devin organization ID to sync secrets to. required: - orgId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Devin required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateDevinSecretSync tags: - Secret Syncs description: Update the specified Devin Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Devin Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Devin Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Devin Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Devin destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Devin destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Devin destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: orgId: type: string minLength: 1 pattern: ^org\- description: The Devin organization ID to sync secrets to. required: - orgId additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Devin Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Devin destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Devin destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Devin destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - devin name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - devin destinationConfig: type: object properties: orgId: type: string minLength: 1 pattern: ^org\- description: The Devin organization ID to sync secrets to. required: - orgId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Devin required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteDevinSecretSync tags: - Secret Syncs description: Delete the specified Devin Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Devin Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Devin destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Devin destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Devin destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - devin name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - devin destinationConfig: type: object properties: orgId: type: string minLength: 1 pattern: ^org\- description: The Devin organization ID to sync secrets to. required: - orgId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Devin required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/devin/sync-name/{syncName}: get: operationId: getDevinSecretSyncByName tags: - Secret Syncs description: Get the specified Devin Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Devin Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Devin Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Devin destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Devin destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Devin destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - devin name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - devin destinationConfig: type: object properties: orgId: type: string minLength: 1 pattern: ^org\- description: The Devin organization ID to sync secrets to. required: - orgId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Devin required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/devin/{syncId}/sync-secrets: post: operationId: syncDevinSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Devin Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Devin Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Devin destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Devin destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Devin destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - devin name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - devin destinationConfig: type: object properties: orgId: type: string minLength: 1 pattern: ^org\- description: The Devin organization ID to sync secrets to. required: - orgId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Devin required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/devin/{syncId}/import-secrets: post: operationId: importDevinSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Devin Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Devin. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Devin Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Devin destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Devin destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Devin destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - devin name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - devin destinationConfig: type: object properties: orgId: type: string minLength: 1 pattern: ^org\- description: The Devin organization ID to sync secrets to. required: - orgId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Devin required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/devin/{syncId}/remove-secrets: post: operationId: removeDevinSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Devin Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Devin Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Devin destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Devin destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Devin destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - devin name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - devin destinationConfig: type: object properties: orgId: type: string minLength: 1 pattern: ^org\- description: The Devin organization ID to sync secrets to. required: - orgId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Devin required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/ona: get: operationId: listOnaSecretSyncs tags: - Secret Syncs description: List the Ona Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Ona Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Ona destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Ona destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Ona destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ona name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ona destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The Ona project ID to sync secrets to. projectName: type: string description: An optional display name for the Ona project. required: - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Ona required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createOnaSecretSync tags: - Secret Syncs description: Create an Ona Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Ona Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Ona Sync. connectionId: type: string format: uuid description: The ID of the Ona Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Ona destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Ona destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Ona destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The Ona project ID to sync secrets to. projectName: type: string description: An optional display name for the Ona project. required: - projectId additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Ona destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Ona destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Ona destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ona name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ona destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The Ona project ID to sync secrets to. projectName: type: string description: An optional display name for the Ona project. required: - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Ona required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/ona/{syncId}: get: operationId: getOnaSecretSync tags: - Secret Syncs description: Get the specified Ona Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Ona Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Ona destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Ona destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Ona destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ona name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ona destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The Ona project ID to sync secrets to. projectName: type: string description: An optional display name for the Ona project. required: - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Ona required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOnaSecretSync tags: - Secret Syncs description: Update the specified Ona Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Ona Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Ona Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Ona Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Ona destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Ona destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Ona destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The Ona project ID to sync secrets to. projectName: type: string description: An optional display name for the Ona project. required: - projectId additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Ona Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Ona destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Ona destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Ona destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ona name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ona destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The Ona project ID to sync secrets to. projectName: type: string description: An optional display name for the Ona project. required: - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Ona required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOnaSecretSync tags: - Secret Syncs description: Delete the specified Ona Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Ona Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Ona destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Ona destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Ona destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ona name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ona destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The Ona project ID to sync secrets to. projectName: type: string description: An optional display name for the Ona project. required: - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Ona required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/ona/sync-name/{syncName}: get: operationId: getOnaSecretSyncByName tags: - Secret Syncs description: Get the specified Ona Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Ona Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Ona Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Ona destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Ona destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Ona destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ona name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ona destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The Ona project ID to sync secrets to. projectName: type: string description: An optional display name for the Ona project. required: - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Ona required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/ona/{syncId}/sync-secrets: post: operationId: syncOnaSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Ona Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Ona Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Ona destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Ona destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Ona destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ona name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ona destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The Ona project ID to sync secrets to. projectName: type: string description: An optional display name for the Ona project. required: - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Ona required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/ona/{syncId}/import-secrets: post: operationId: importOnaSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Ona Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Ona. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Ona Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Ona destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Ona destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Ona destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ona name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ona destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The Ona project ID to sync secrets to. projectName: type: string description: An optional display name for the Ona project. required: - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Ona required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/ona/{syncId}/remove-secrets: post: operationId: removeOnaSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Ona Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Ona Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Ona destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Ona destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Ona destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - ona name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - ona destinationConfig: type: object properties: projectId: type: string minLength: 1 description: The Ona project ID to sync secrets to. projectName: type: string description: An optional display name for the Ona project. required: - projectId additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Ona required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/travis-ci: get: operationId: listTravisCISecretSyncs tags: - Secret Syncs description: List the Travis CI Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Travis CI Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Travis CI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Travis CI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Travis CI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - travis-ci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - travis-ci destinationConfig: type: object properties: repositoryId: type: string minLength: 1 description: The ID of the Travis CI repository to sync secrets to. repositorySlug: type: string minLength: 1 description: The slug (owner/repo) of the Travis CI repository to sync secrets to. branch: type: string minLength: 1 description: The branch of the Travis CI repository to sync secrets to. If omitted, secrets sync to the repository-level scope. required: - repositoryId - repositorySlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Travis CI required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createTravisCISecretSync tags: - Secret Syncs description: Create a Travis CI Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Travis CI Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Travis CI Sync. connectionId: type: string format: uuid description: The ID of the Travis CI Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Travis CI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Travis CI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Travis CI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: repositoryId: type: string minLength: 1 description: The ID of the Travis CI repository to sync secrets to. repositorySlug: type: string minLength: 1 description: The slug (owner/repo) of the Travis CI repository to sync secrets to. branch: type: string minLength: 1 description: The branch of the Travis CI repository to sync secrets to. If omitted, secrets sync to the repository-level scope. required: - repositoryId - repositorySlug additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Travis CI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Travis CI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Travis CI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - travis-ci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - travis-ci destinationConfig: type: object properties: repositoryId: type: string minLength: 1 description: The ID of the Travis CI repository to sync secrets to. repositorySlug: type: string minLength: 1 description: The slug (owner/repo) of the Travis CI repository to sync secrets to. branch: type: string minLength: 1 description: The branch of the Travis CI repository to sync secrets to. If omitted, secrets sync to the repository-level scope. required: - repositoryId - repositorySlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Travis CI required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/travis-ci/{syncId}: get: operationId: getTravisCISecretSync tags: - Secret Syncs description: Get the specified Travis CI Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Travis CI Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Travis CI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Travis CI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Travis CI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - travis-ci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - travis-ci destinationConfig: type: object properties: repositoryId: type: string minLength: 1 description: The ID of the Travis CI repository to sync secrets to. repositorySlug: type: string minLength: 1 description: The slug (owner/repo) of the Travis CI repository to sync secrets to. branch: type: string minLength: 1 description: The branch of the Travis CI repository to sync secrets to. If omitted, secrets sync to the repository-level scope. required: - repositoryId - repositorySlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Travis CI required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateTravisCISecretSync tags: - Secret Syncs description: Update the specified Travis CI Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Travis CI Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Travis CI Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Travis CI Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Travis CI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Travis CI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Travis CI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: repositoryId: type: string minLength: 1 description: The ID of the Travis CI repository to sync secrets to. repositorySlug: type: string minLength: 1 description: The slug (owner/repo) of the Travis CI repository to sync secrets to. branch: type: string minLength: 1 description: The branch of the Travis CI repository to sync secrets to. If omitted, secrets sync to the repository-level scope. required: - repositoryId - repositorySlug additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Travis CI Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Travis CI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Travis CI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Travis CI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - travis-ci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - travis-ci destinationConfig: type: object properties: repositoryId: type: string minLength: 1 description: The ID of the Travis CI repository to sync secrets to. repositorySlug: type: string minLength: 1 description: The slug (owner/repo) of the Travis CI repository to sync secrets to. branch: type: string minLength: 1 description: The branch of the Travis CI repository to sync secrets to. If omitted, secrets sync to the repository-level scope. required: - repositoryId - repositorySlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Travis CI required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteTravisCISecretSync tags: - Secret Syncs description: Delete the specified Travis CI Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Travis CI Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Travis CI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Travis CI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Travis CI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - travis-ci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - travis-ci destinationConfig: type: object properties: repositoryId: type: string minLength: 1 description: The ID of the Travis CI repository to sync secrets to. repositorySlug: type: string minLength: 1 description: The slug (owner/repo) of the Travis CI repository to sync secrets to. branch: type: string minLength: 1 description: The branch of the Travis CI repository to sync secrets to. If omitted, secrets sync to the repository-level scope. required: - repositoryId - repositorySlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Travis CI required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/travis-ci/sync-name/{syncName}: get: operationId: getTravisCISecretSyncByName tags: - Secret Syncs description: Get the specified Travis CI Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Travis CI Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Travis CI Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Travis CI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Travis CI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Travis CI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - travis-ci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - travis-ci destinationConfig: type: object properties: repositoryId: type: string minLength: 1 description: The ID of the Travis CI repository to sync secrets to. repositorySlug: type: string minLength: 1 description: The slug (owner/repo) of the Travis CI repository to sync secrets to. branch: type: string minLength: 1 description: The branch of the Travis CI repository to sync secrets to. If omitted, secrets sync to the repository-level scope. required: - repositoryId - repositorySlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Travis CI required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/travis-ci/{syncId}/sync-secrets: post: operationId: syncTravisCISecretSync tags: - Secret Syncs description: Trigger a sync for the specified Travis CI Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Travis CI Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Travis CI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Travis CI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Travis CI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - travis-ci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - travis-ci destinationConfig: type: object properties: repositoryId: type: string minLength: 1 description: The ID of the Travis CI repository to sync secrets to. repositorySlug: type: string minLength: 1 description: The slug (owner/repo) of the Travis CI repository to sync secrets to. branch: type: string minLength: 1 description: The branch of the Travis CI repository to sync secrets to. If omitted, secrets sync to the repository-level scope. required: - repositoryId - repositorySlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Travis CI required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/travis-ci/{syncId}/import-secrets: post: operationId: importTravisCISecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Travis CI Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Travis CI. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Travis CI Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Travis CI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Travis CI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Travis CI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - travis-ci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - travis-ci destinationConfig: type: object properties: repositoryId: type: string minLength: 1 description: The ID of the Travis CI repository to sync secrets to. repositorySlug: type: string minLength: 1 description: The slug (owner/repo) of the Travis CI repository to sync secrets to. branch: type: string minLength: 1 description: The branch of the Travis CI repository to sync secrets to. If omitted, secrets sync to the repository-level scope. required: - repositoryId - repositorySlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Travis CI required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/travis-ci/{syncId}/remove-secrets: post: operationId: removeTravisCISecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Travis CI Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Travis CI Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Travis CI destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Travis CI destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Travis CI destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - travis-ci name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - travis-ci destinationConfig: type: object properties: repositoryId: type: string minLength: 1 description: The ID of the Travis CI repository to sync secrets to. repositorySlug: type: string minLength: 1 description: The slug (owner/repo) of the Travis CI repository to sync secrets to. branch: type: string minLength: 1 description: The branch of the Travis CI repository to sync secrets to. If omitted, secrets sync to the repository-level scope. required: - repositoryId - repositorySlug additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Travis CI required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/snowflake: get: operationId: listSnowflakeSecretSyncs tags: - Secret Syncs description: List the Snowflake Syncs for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Snowflake Syncs from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSyncs: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Snowflake destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Snowflake destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Snowflake destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - snowflake name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - snowflake destinationConfig: type: object properties: database: type: string minLength: 1 description: The name of the Snowflake database to sync secrets to. schema: type: string minLength: 1 description: The name of the Snowflake schema (within the database) to sync secrets to. required: - database - schema additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Snowflake required: - secretSyncs additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createSnowflakeSecretSync tags: - Secret Syncs description: Create a Snowflake Sync for the specified project environment. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The name of the Snowflake Sync to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the sync in. description: type: string maxLength: 256 nullable: true description: An optional description for the Snowflake Sync. connectionId: type: string format: uuid description: The ID of the Snowflake Connection to use for syncing. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The folder path to sync secrets from. isAutoSyncEnabled: type: boolean default: true description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Snowflake destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Snowflake destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Snowflake destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: database: type: string minLength: 1 description: The name of the Snowflake database to sync secrets to. schema: type: string minLength: 1 description: The name of the Snowflake schema (within the database) to sync secrets to. required: - database - schema additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - syncOptions - destinationConfig additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Snowflake destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Snowflake destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Snowflake destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - snowflake name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - snowflake destinationConfig: type: object properties: database: type: string minLength: 1 description: The name of the Snowflake database to sync secrets to. schema: type: string minLength: 1 description: The name of the Snowflake schema (within the database) to sync secrets to. required: - database - schema additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Snowflake required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/snowflake/{syncId}: get: operationId: getSnowflakeSecretSync tags: - Secret Syncs description: Get the specified Snowflake Sync by ID. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Snowflake Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Snowflake destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Snowflake destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Snowflake destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - snowflake name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - snowflake destinationConfig: type: object properties: database: type: string minLength: 1 description: The name of the Snowflake database to sync secrets to. schema: type: string minLength: 1 description: The name of the Snowflake schema (within the database) to sync secrets to. required: - database - schema additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Snowflake required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateSnowflakeSecretSync tags: - Secret Syncs description: Update the specified Snowflake Sync. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 256 description: The updated name of the Snowflake Sync. Must be slug-friendly. connectionId: type: string format: uuid description: The updated ID of the Snowflake Connection to use for syncing. description: type: string maxLength: 256 nullable: true description: The updated description of the Snowflake Sync. environment: type: string minLength: 1 maxLength: 64 description: The updated slug of the project environment to sync secrets from. secretPath: type: string minLength: 1 description: The updated folder path to sync secrets from. isAutoSyncEnabled: type: boolean description: Whether secrets should be automatically synced when changes occur at the source location or not. syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Snowflake destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Snowflake destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Snowflake destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. destinationConfig: type: object properties: database: type: string minLength: 1 description: The name of the Snowflake database to sync secrets to. schema: type: string minLength: 1 description: The name of the Snowflake schema (within the database) to sync secrets to. required: - database - schema additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Snowflake Sync to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Snowflake destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Snowflake destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Snowflake destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - snowflake name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - snowflake destinationConfig: type: object properties: database: type: string minLength: 1 description: The name of the Snowflake database to sync secrets to. schema: type: string minLength: 1 description: The name of the Snowflake schema (within the database) to sync secrets to. required: - database - schema additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Snowflake required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteSnowflakeSecretSync tags: - Secret Syncs description: Delete the specified Snowflake Sync. parameters: - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: removeSecrets required: false description: Whether previously synced secrets should be removed prior to deletion. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Snowflake Sync to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Snowflake destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Snowflake destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Snowflake destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - snowflake name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - snowflake destinationConfig: type: object properties: database: type: string minLength: 1 description: The name of the Snowflake database to sync secrets to. schema: type: string minLength: 1 description: The name of the Snowflake schema (within the database) to sync secrets to. required: - database - schema additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Snowflake required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/snowflake/sync-name/{syncName}: get: operationId: getSnowflakeSecretSyncByName tags: - Secret Syncs description: Get the specified Snowflake Sync by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Snowflake Sync is associated with. - schema: type: string minLength: 1 in: path name: syncName required: true description: The name of the Snowflake Sync to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Snowflake destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Snowflake destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Snowflake destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - snowflake name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - snowflake destinationConfig: type: object properties: database: type: string minLength: 1 description: The name of the Snowflake database to sync secrets to. schema: type: string minLength: 1 description: The name of the Snowflake schema (within the database) to sync secrets to. required: - database - schema additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Snowflake required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/snowflake/{syncId}/sync-secrets: post: operationId: syncSnowflakeSecretSync tags: - Secret Syncs description: Trigger a sync for the specified Snowflake Sync. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Snowflake Sync to trigger a sync for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Snowflake destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Snowflake destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Snowflake destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - snowflake name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - snowflake destinationConfig: type: object properties: database: type: string minLength: 1 description: The name of the Snowflake database to sync secrets to. schema: type: string minLength: 1 description: The name of the Snowflake schema (within the database) to sync secrets to. required: - database - schema additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Snowflake required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/snowflake/{syncId}/import-secrets: post: operationId: importSnowflakeSecretSyncSecrets tags: - Secret Syncs description: Import secrets from the specified Snowflake Sync destination. parameters: - schema: type: string enum: - prioritize-source - prioritize-destination in: query name: importBehavior required: true description: Specify whether Infisical should prioritize secret values from Infisical or Snowflake. - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Snowflake Sync to trigger importing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Snowflake destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Snowflake destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Snowflake destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - snowflake name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - snowflake destinationConfig: type: object properties: database: type: string minLength: 1 description: The name of the Snowflake database to sync secrets to. schema: type: string minLength: 1 description: The name of the Snowflake schema (within the database) to sync secrets to. required: - database - schema additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Snowflake required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/secret-syncs/snowflake/{syncId}/remove-secrets: post: operationId: removeSnowflakeSecretSyncSecrets tags: - Secret Syncs description: Remove previously synced secrets from the specified Snowflake Sync destination. parameters: - schema: type: string format: uuid in: path name: syncId required: true description: The ID of the Snowflake Sync to trigger removing secrets for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretSync: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoSyncEnabled: type: boolean default: true version: type: number default: 1 projectId: type: string folderId: type: string format: uuid nullable: true connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time syncStatus: type: string nullable: true lastSyncJobId: type: string nullable: true lastSyncMessage: type: string nullable: true lastSyncedAt: type: string format: date-time nullable: true importStatus: type: string nullable: true lastImportJobId: type: string nullable: true lastImportMessage: type: string nullable: true lastImportedAt: type: string format: date-time nullable: true removeStatus: type: string nullable: true lastRemoveJobId: type: string nullable: true lastRemoveMessage: type: string nullable: true lastRemovedAt: type: string format: date-time nullable: true syncOptions: type: object properties: initialSyncBehavior: type: string enum: - overwrite-destination description: Specify how Infisical should resolve the initial sync to the Snowflake destination. keySchema: type: string description: Specify the format to use for structuring secret keys in the Snowflake destination. disableSecretDeletion: type: boolean description: Enable this flag to prevent removal of secrets from the Snowflake destination when syncing. required: - initialSyncBehavior additionalProperties: false description: Optional parameters to modify how secrets are synced. connection: type: object properties: app: type: string enum: - snowflake name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false nullable: true folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false nullable: true destination: type: string enum: - snowflake destinationConfig: type: object properties: database: type: string minLength: 1 description: The name of the Snowflake database to sync secrets to. schema: type: string minLength: 1 description: The name of the Snowflake schema (within the database) to sync secrets to. required: - database - schema additionalProperties: false required: - id - name - projectId - connectionId - createdAt - updatedAt - syncOptions - connection - environment - folder - destination - destinationConfig additionalProperties: false title: Snowflake required: - secretSync additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v1/events/subscribe/project-events: post: operationId: subscribeToProjectEvents tags: - Event Subscriptions description: Subscribe to project events requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project to subscribe to events for. register: type: array items: type: object properties: event: type: string enum: - secret:create - secret:update - secret:delete - secret:import-mutation conditions: type: object properties: secretPath: type: string default: / environmentSlug: type: string additionalProperties: false required: - event additionalProperties: false minItems: 1 maxItems: 10 required: - projectId - register additionalProperties: false responses: '200': description: Default Response /api/v2/workspace/{projectId}/roles: post: operationId: createProjectRole tags: - Project Roles description: Create a project role requestBody: required: true content: application/json: schema: type: object properties: slug: type: string minLength: 1 maxLength: 64 description: The slug of the role. name: type: string minLength: 1 description: The name of the role. description: type: string nullable: true description: The description for the role. permissions: type: array items: anyOf: - type: object properties: subject: type: string enum: - secrets description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - describeSecret - readValue - create - edit - delete - type: array items: type: string enum: - read - describeSecret - readValue - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretTags: type: object properties: $in: type: array items: type: string minLength: 1 $all: type: array items: type: string minLength: 1 additionalProperties: false eventType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-folders description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-imports description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - dynamic-secrets description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read-root-credential - create-root-credential - edit-root-credential - delete-root-credential - lease - type: array items: type: string enum: - read-root-credential - create-root-credential - edit-root-credential - delete-root-credential - lease minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - identity description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - revoke-auth - create-token - get-token - delete-token - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - revoke-auth - create-token - get-token - delete-token minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: identityId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableSubject: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableAction: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-hosts description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-host-cert - type: array items: type: string enum: - read - create - edit - delete - issue-host-cert minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: hostname: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-subscribers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - list-certs - type: array items: type: string enum: - read - create - edit - delete - issue-cert - list-certs minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - list-certs - type: array items: type: string enum: - read - create - edit - delete - issue-cert - list-certs minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-rotation description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - read-generated-credentials - create - edit - delete - rotate-secrets - type: array items: type: string enum: - read - read-generated-credentials - create - edit - delete - rotate-secrets minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-syncs description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - sync-secrets - import-secrets - remove-secrets - type: array items: type: string enum: - read - create - edit - delete - sync-secrets - import-secrets - remove-secrets minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-syncs description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - sync-certificates - import-certificates - remove-certificates - type: array items: type: string enum: - read - create - edit - delete - sync-certificates - import-certificates - remove-certificates minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false subscriberName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-event-subscriptions description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - subscribe-to-creation-events - subscribe-to-update-events - subscribe-to-deletion-events - subscribe-to-import-mutation-events - type: array items: type: string enum: - subscribe-to-creation-events - subscribe-to-update-events - subscribe-to-deletion-events - subscribe-to-import-mutation-events minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-profiles description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - reveal-acme-eab-secret - rotate-acme-eab-secret - manage-application-attachments - type: array items: type: string enum: - read - create - edit - delete - issue-cert - reveal-acme-eab-secret - rotate-acme-eab-secret - manage-application-attachments minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: slug: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-policies description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-authorities description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - issue-ca-certificate - sign-intermediate - type: array items: type: string enum: - read - create - edit - delete - issue-ca-certificate - sign-intermediate minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificates description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - read-private-key - import - type: array items: type: string enum: - read - create - edit - delete - read-private-key - import minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: commonName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false altNames: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false serialNumber: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false friendlyName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false status: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-approval description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-rollback description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - type: array items: type: string enum: - read - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - member description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: userEmail: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableSubject: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableAction: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - groups description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: groupName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - role description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - integrations description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - webhooks description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - service-tokens description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - settings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - environments description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - tags description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - audit-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - insights description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ip-allowlist description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificate-authorities description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificate-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-host-groups description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-alerts description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-collections description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-inventory-views description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-discovery description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - run-scan - type: array items: type: string enum: - read - create - edit - delete - run-scan minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-certificate-installations description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - edit - delete - type: array items: type: string enum: - read - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - code-signers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - sign - type: array items: type: string enum: - read - create - edit - delete - sign minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - workspace description: The entity this permission pertains to. action: anyOf: - type: string enum: - edit - delete - type: array items: type: string enum: - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kms description: The entity this permission pertains to. action: anyOf: - type: string enum: - edit - type: array items: type: string enum: - edit minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - cmek description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - encrypt - decrypt - sign - verify - export-private-key - type: array items: type: string enum: - read - create - edit - delete - encrypt - decrypt - sign - verify - export-private-key minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kmip description: The entity this permission pertains to. action: anyOf: - type: string enum: - create-clients - update-clients - delete-clients - read-clients - generate-client-certificates - type: array items: type: string enum: - create-clients - update-clients - delete-clients - read-clients - generate-client-certificates minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - commits description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - perform-rollback - type: array items: type: string enum: - read - perform-rollback minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-data-sources description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-data-sources - create-data-sources - edit-data-sources - delete-data-sources - trigger-data-source-scans - read-data-source-scans - read-data-source-resources - type: array items: type: string enum: - read-data-sources - create-data-sources - edit-data-sources - delete-data-sources - trigger-data-source-scans - read-data-source-scans - read-data-source-resources minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-findings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-findings - update-findings - type: array items: type: string enum: - read-findings - update-findings minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-configs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-configs - update-configs - type: array items: type: string enum: - read-configs - update-configs minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - app-connections description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read-app-connections - create-app-connections - edit-app-connections - delete-app-connections - connect-app-connections - rotate-credentials - type: array items: type: string enum: - read-app-connections - create-app-connections - edit-app-connections - delete-app-connections - connect-app-connections - rotate-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-folders description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-resources description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false resourceType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-domains description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given domain. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-accounts description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - access - read - create - edit - delete - trigger-rotation - read-credentials - type: array items: type: string enum: - access - read - create - edit - delete - trigger-rotation - read-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: resourceName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false accountName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false resourceType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-sessions description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - terminate - type: array items: type: string enum: - read - terminate minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-account-policies description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-discovery description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - run-scan - type: array items: type: string enum: - read - create - edit - delete - run-scan minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-insights description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-endpoints description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - connect - type: array items: type: string enum: - read - create - edit - delete - connect minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-servers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-activity-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - honey-tokens description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - read-credentials - create - edit - reset - revoke - type: array items: type: string enum: - read - read-credentials - create - edit - reset - revoke minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - approval-requests description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - type: array items: type: string enum: - read - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - approval-request-grants description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - revoke - type: array items: type: string enum: - read - revoke minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-approval-request description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false description: The permissions assigned to the role. required: - slug - name - permissions additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: Id of the project to create the role for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: role: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string required: - id - name - slug - permissions - createdAt - updatedAt - projectId additionalProperties: false required: - role additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listProjectRoles tags: - Project Roles description: List project role parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: roles: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string required: - id - name - slug - createdAt - updatedAt - projectId additionalProperties: false required: - roles additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/roles/{roleId}: patch: operationId: updateProjectRole tags: - Project Roles description: Update a project role requestBody: required: true content: application/json: schema: type: object properties: slug: type: string minLength: 1 maxLength: 64 description: The slug of the role. name: type: string description: The name of the role. description: type: string nullable: true description: The description for the role. permissions: type: array items: anyOf: - type: object properties: subject: type: string enum: - secrets description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - describeSecret - readValue - create - edit - delete - type: array items: type: string enum: - read - describeSecret - readValue - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretTags: type: object properties: $in: type: array items: type: string minLength: 1 $all: type: array items: type: string minLength: 1 additionalProperties: false eventType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-folders description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-imports description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - dynamic-secrets description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read-root-credential - create-root-credential - edit-root-credential - delete-root-credential - lease - type: array items: type: string enum: - read-root-credential - create-root-credential - edit-root-credential - delete-root-credential - lease minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - identity description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - revoke-auth - create-token - get-token - delete-token - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - revoke-auth - create-token - get-token - delete-token minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: identityId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableSubject: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableAction: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-hosts description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-host-cert - type: array items: type: string enum: - read - create - edit - delete - issue-host-cert minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: hostname: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-subscribers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - list-certs - type: array items: type: string enum: - read - create - edit - delete - issue-cert - list-certs minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - list-certs - type: array items: type: string enum: - read - create - edit - delete - issue-cert - list-certs minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-rotation description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - read-generated-credentials - create - edit - delete - rotate-secrets - type: array items: type: string enum: - read - read-generated-credentials - create - edit - delete - rotate-secrets minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-syncs description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - sync-secrets - import-secrets - remove-secrets - type: array items: type: string enum: - read - create - edit - delete - sync-secrets - import-secrets - remove-secrets minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-syncs description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - sync-certificates - import-certificates - remove-certificates - type: array items: type: string enum: - read - create - edit - delete - sync-certificates - import-certificates - remove-certificates minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false subscriberName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-event-subscriptions description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - subscribe-to-creation-events - subscribe-to-update-events - subscribe-to-deletion-events - subscribe-to-import-mutation-events - type: array items: type: string enum: - subscribe-to-creation-events - subscribe-to-update-events - subscribe-to-deletion-events - subscribe-to-import-mutation-events minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-profiles description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - reveal-acme-eab-secret - rotate-acme-eab-secret - manage-application-attachments - type: array items: type: string enum: - read - create - edit - delete - issue-cert - reveal-acme-eab-secret - rotate-acme-eab-secret - manage-application-attachments minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: slug: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-policies description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-authorities description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - issue-ca-certificate - sign-intermediate - type: array items: type: string enum: - read - create - edit - delete - issue-ca-certificate - sign-intermediate minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificates description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - read-private-key - import - type: array items: type: string enum: - read - create - edit - delete - read-private-key - import minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: commonName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false altNames: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false serialNumber: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false friendlyName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false status: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-approval description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-rollback description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - type: array items: type: string enum: - read - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - member description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: userEmail: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableSubject: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableAction: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - groups description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: groupName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - role description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - integrations description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - webhooks description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - service-tokens description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - settings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - environments description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - tags description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - audit-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - insights description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ip-allowlist description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificate-authorities description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificate-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-host-groups description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-alerts description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-collections description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-inventory-views description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-discovery description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - run-scan - type: array items: type: string enum: - read - create - edit - delete - run-scan minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-certificate-installations description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - edit - delete - type: array items: type: string enum: - read - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - code-signers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - sign - type: array items: type: string enum: - read - create - edit - delete - sign minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - workspace description: The entity this permission pertains to. action: anyOf: - type: string enum: - edit - delete - type: array items: type: string enum: - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kms description: The entity this permission pertains to. action: anyOf: - type: string enum: - edit - type: array items: type: string enum: - edit minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - cmek description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - encrypt - decrypt - sign - verify - export-private-key - type: array items: type: string enum: - read - create - edit - delete - encrypt - decrypt - sign - verify - export-private-key minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kmip description: The entity this permission pertains to. action: anyOf: - type: string enum: - create-clients - update-clients - delete-clients - read-clients - generate-client-certificates - type: array items: type: string enum: - create-clients - update-clients - delete-clients - read-clients - generate-client-certificates minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - commits description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - perform-rollback - type: array items: type: string enum: - read - perform-rollback minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-data-sources description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-data-sources - create-data-sources - edit-data-sources - delete-data-sources - trigger-data-source-scans - read-data-source-scans - read-data-source-resources - type: array items: type: string enum: - read-data-sources - create-data-sources - edit-data-sources - delete-data-sources - trigger-data-source-scans - read-data-source-scans - read-data-source-resources minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-findings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-findings - update-findings - type: array items: type: string enum: - read-findings - update-findings minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-configs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-configs - update-configs - type: array items: type: string enum: - read-configs - update-configs minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - app-connections description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read-app-connections - create-app-connections - edit-app-connections - delete-app-connections - connect-app-connections - rotate-credentials - type: array items: type: string enum: - read-app-connections - create-app-connections - edit-app-connections - delete-app-connections - connect-app-connections - rotate-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-folders description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-resources description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false resourceType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-domains description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given domain. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-accounts description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - access - read - create - edit - delete - trigger-rotation - read-credentials - type: array items: type: string enum: - access - read - create - edit - delete - trigger-rotation - read-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: resourceName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false accountName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false resourceType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-sessions description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - terminate - type: array items: type: string enum: - read - terminate minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-account-policies description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-discovery description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - run-scan - type: array items: type: string enum: - read - create - edit - delete - run-scan minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-insights description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-endpoints description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - connect - type: array items: type: string enum: - read - create - edit - delete - connect minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-servers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-activity-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - honey-tokens description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - read-credentials - create - edit - reset - revoke - type: array items: type: string enum: - read - read-credentials - create - edit - reset - revoke minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - approval-requests description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - type: array items: type: string enum: - read - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - approval-request-grants description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - revoke - type: array items: type: string enum: - read - revoke minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-approval-request description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false description: The permissions assigned to the role. additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to update the role for. - schema: type: string in: path name: roleId required: true description: The ID of the role to update security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: role: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string required: - id - name - slug - permissions - createdAt - updatedAt - projectId additionalProperties: false required: - role additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteProjectRole tags: - Project Roles description: Delete a project role parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to delete the role for. - schema: type: string in: path name: roleId required: true description: The ID of the role to update security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: role: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string required: - id - name - slug - permissions - createdAt - updatedAt - projectId additionalProperties: false required: - role additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/roles/slug/{roleSlug}: get: operationId: getProjectRoleBySlug tags: - Project Roles parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project. - schema: type: string in: path name: roleSlug required: true description: The slug of the role to get details. responses: '200': description: Default Response content: application/json: schema: type: object properties: role: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true slug: type: string permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string required: - id - name - slug - permissions - createdAt - updatedAt - projectId additionalProperties: false required: - role additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/identity-project-additional-privilege: post: operationId: createIdentityProjectAdditionalPrivilege tags: - Identity Specific Privileges V2 description: Add an additional privilege for identity. requestBody: required: true content: application/json: schema: type: object properties: identityId: type: string minLength: 1 description: The ID of the machine identity to create the privilege for. projectId: type: string minLength: 1 description: The ID of the project of the identity in. slug: type: string minLength: 1 maxLength: 60 description: The slug of the privilege to create. permissions: type: array items: anyOf: - type: object properties: subject: type: string enum: - secrets description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - describeSecret - readValue - create - edit - delete - type: array items: type: string enum: - read - describeSecret - readValue - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretTags: type: object properties: $in: type: array items: type: string minLength: 1 $all: type: array items: type: string minLength: 1 additionalProperties: false eventType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-folders description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-imports description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - dynamic-secrets description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read-root-credential - create-root-credential - edit-root-credential - delete-root-credential - lease - type: array items: type: string enum: - read-root-credential - create-root-credential - edit-root-credential - delete-root-credential - lease minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - identity description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - revoke-auth - create-token - get-token - delete-token - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - revoke-auth - create-token - get-token - delete-token minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: identityId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableSubject: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableAction: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-hosts description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-host-cert - type: array items: type: string enum: - read - create - edit - delete - issue-host-cert minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: hostname: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-subscribers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - list-certs - type: array items: type: string enum: - read - create - edit - delete - issue-cert - list-certs minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - list-certs - type: array items: type: string enum: - read - create - edit - delete - issue-cert - list-certs minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-rotation description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - read-generated-credentials - create - edit - delete - rotate-secrets - type: array items: type: string enum: - read - read-generated-credentials - create - edit - delete - rotate-secrets minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-syncs description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - sync-secrets - import-secrets - remove-secrets - type: array items: type: string enum: - read - create - edit - delete - sync-secrets - import-secrets - remove-secrets minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-syncs description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - sync-certificates - import-certificates - remove-certificates - type: array items: type: string enum: - read - create - edit - delete - sync-certificates - import-certificates - remove-certificates minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false subscriberName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-event-subscriptions description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - subscribe-to-creation-events - subscribe-to-update-events - subscribe-to-deletion-events - subscribe-to-import-mutation-events - type: array items: type: string enum: - subscribe-to-creation-events - subscribe-to-update-events - subscribe-to-deletion-events - subscribe-to-import-mutation-events minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-profiles description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - reveal-acme-eab-secret - rotate-acme-eab-secret - manage-application-attachments - type: array items: type: string enum: - read - create - edit - delete - issue-cert - reveal-acme-eab-secret - rotate-acme-eab-secret - manage-application-attachments minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: slug: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-policies description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-authorities description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - issue-ca-certificate - sign-intermediate - type: array items: type: string enum: - read - create - edit - delete - issue-ca-certificate - sign-intermediate minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificates description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - read-private-key - import - type: array items: type: string enum: - read - create - edit - delete - read-private-key - import minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: commonName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false altNames: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false serialNumber: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false friendlyName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false status: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-approval description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-rollback description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - type: array items: type: string enum: - read - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - member description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: userEmail: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableSubject: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableAction: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - groups description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: groupName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - role description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - integrations description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - webhooks description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - service-tokens description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - settings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - environments description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - tags description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - audit-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - insights description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ip-allowlist description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificate-authorities description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificate-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-host-groups description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-alerts description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-collections description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-inventory-views description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-discovery description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - run-scan - type: array items: type: string enum: - read - create - edit - delete - run-scan minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-certificate-installations description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - edit - delete - type: array items: type: string enum: - read - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - code-signers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - sign - type: array items: type: string enum: - read - create - edit - delete - sign minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - workspace description: The entity this permission pertains to. action: anyOf: - type: string enum: - edit - delete - type: array items: type: string enum: - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kms description: The entity this permission pertains to. action: anyOf: - type: string enum: - edit - type: array items: type: string enum: - edit minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - cmek description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - encrypt - decrypt - sign - verify - export-private-key - type: array items: type: string enum: - read - create - edit - delete - encrypt - decrypt - sign - verify - export-private-key minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kmip description: The entity this permission pertains to. action: anyOf: - type: string enum: - create-clients - update-clients - delete-clients - read-clients - generate-client-certificates - type: array items: type: string enum: - create-clients - update-clients - delete-clients - read-clients - generate-client-certificates minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - commits description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - perform-rollback - type: array items: type: string enum: - read - perform-rollback minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-data-sources description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-data-sources - create-data-sources - edit-data-sources - delete-data-sources - trigger-data-source-scans - read-data-source-scans - read-data-source-resources - type: array items: type: string enum: - read-data-sources - create-data-sources - edit-data-sources - delete-data-sources - trigger-data-source-scans - read-data-source-scans - read-data-source-resources minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-findings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-findings - update-findings - type: array items: type: string enum: - read-findings - update-findings minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-configs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-configs - update-configs - type: array items: type: string enum: - read-configs - update-configs minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - app-connections description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read-app-connections - create-app-connections - edit-app-connections - delete-app-connections - connect-app-connections - rotate-credentials - type: array items: type: string enum: - read-app-connections - create-app-connections - edit-app-connections - delete-app-connections - connect-app-connections - rotate-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-folders description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-resources description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false resourceType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-domains description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given domain. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-accounts description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - access - read - create - edit - delete - trigger-rotation - read-credentials - type: array items: type: string enum: - access - read - create - edit - delete - trigger-rotation - read-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: resourceName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false accountName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false resourceType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-sessions description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - terminate - type: array items: type: string enum: - read - terminate minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-account-policies description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-discovery description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - run-scan - type: array items: type: string enum: - read - create - edit - delete - run-scan minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-insights description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-endpoints description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - connect - type: array items: type: string enum: - read - create - edit - delete - connect minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-servers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-activity-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - honey-tokens description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - read-credentials - create - edit - reset - revoke - type: array items: type: string enum: - read - read-credentials - create - edit - reset - revoke minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - approval-requests description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - type: array items: type: string enum: - read - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - approval-request-grants description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - revoke - type: array items: type: string enum: - read - revoke minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-approval-request description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false description: The permission for the privilege. type: anyOf: - type: object properties: isTemporary: type: boolean enum: - false required: - isTemporary additionalProperties: false - type: object properties: isTemporary: type: boolean enum: - true temporaryMode: type: string enum: - relative description: 'Type of temporary access given. Types: relative.' temporaryRange: type: string description: 'The TTL for the temporary access given. Eg: 1m, 1h, 1d.' temporaryAccessStartTime: type: string format: date-time description: The start time in ISO format when the temporary access should begin. required: - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false required: - identityId - projectId - permissions - type additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: privilege: type: object properties: id: type: string format: uuid slug: type: string isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - slug - permissions - createdAt - updatedAt additionalProperties: false required: - privilege additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listIdentityProjectAdditionalPrivileges tags: - Identity Specific Privileges V2 description: List privileges for the specified identity by project. parameters: - schema: type: string minLength: 1 in: query name: identityId required: true description: The ID of the machine identity to list. - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project that the identity is in. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: privileges: type: array items: type: object properties: id: type: string format: uuid slug: type: string isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - slug - createdAt - updatedAt additionalProperties: false required: - privileges additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/identity-project-additional-privilege/{id}: patch: operationId: updateIdentityProjectAdditionalPrivilege tags: - Identity Specific Privileges V2 description: Update a specific identity privilege. requestBody: required: true content: application/json: schema: type: object properties: slug: type: string minLength: 1 maxLength: 60 description: The slug of the privilege to update. permissions: type: array items: anyOf: - type: object properties: subject: type: string enum: - secrets description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - describeSecret - readValue - create - edit - delete - type: array items: type: string enum: - read - describeSecret - readValue - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretTags: type: object properties: $in: type: array items: type: string minLength: 1 $all: type: array items: type: string minLength: 1 additionalProperties: false eventType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-folders description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-imports description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - dynamic-secrets description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read-root-credential - create-root-credential - edit-root-credential - delete-root-credential - lease - type: array items: type: string enum: - read-root-credential - create-root-credential - edit-root-credential - delete-root-credential - lease minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - identity description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - revoke-auth - create-token - get-token - delete-token - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - revoke-auth - create-token - get-token - delete-token minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: identityId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableSubject: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableAction: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-hosts description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-host-cert - type: array items: type: string enum: - read - create - edit - delete - issue-host-cert minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: hostname: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-subscribers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - list-certs - type: array items: type: string enum: - read - create - edit - delete - issue-cert - list-certs minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - list-certs - type: array items: type: string enum: - read - create - edit - delete - issue-cert - list-certs minItems: 1 description: Describe what action an entity can take. inverted: type: boolean description: Whether rule allows or forbids. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-rotation description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - read-generated-credentials - create - edit - delete - rotate-secrets - type: array items: type: string enum: - read - read-generated-credentials - create - edit - delete - rotate-secrets minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-syncs description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - sync-secrets - import-secrets - remove-secrets - type: array items: type: string enum: - read - create - edit - delete - sync-secrets - import-secrets - remove-secrets minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-syncs description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - sync-certificates - import-certificates - remove-certificates - type: array items: type: string enum: - read - create - edit - delete - sync-certificates - import-certificates - remove-certificates minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false subscriberName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-event-subscriptions description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - subscribe-to-creation-events - subscribe-to-update-events - subscribe-to-deletion-events - subscribe-to-import-mutation-events - type: array items: type: string enum: - subscribe-to-creation-events - subscribe-to-update-events - subscribe-to-deletion-events - subscribe-to-import-mutation-events minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-profiles description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - issue-cert - reveal-acme-eab-secret - rotate-acme-eab-secret - manage-application-attachments - type: array items: type: string enum: - read - create - edit - delete - issue-cert - reveal-acme-eab-secret - rotate-acme-eab-secret - manage-application-attachments minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: slug: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-policies description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-authorities description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - issue-ca-certificate - sign-intermediate - type: array items: type: string enum: - read - create - edit - delete - issue-ca-certificate - sign-intermediate minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificates description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - read-private-key - import - type: array items: type: string enum: - read - create - edit - delete - read-private-key - import minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: commonName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false altNames: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false serialNumber: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false friendlyName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false status: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-approval description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-rollback description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - type: array items: type: string enum: - read - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - member description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role - assign-additional-privileges - assume-privileges minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: userEmail: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false assignableSubject: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableAction: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - groups description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - grant-privileges - assign-role - type: array items: type: string enum: - read - create - edit - delete - grant-privileges - assign-role minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: groupName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false assignableRole: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - role description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - integrations description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - webhooks description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - service-tokens description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - settings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - environments description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - tags description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - audit-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - insights description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ip-allowlist description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificate-authorities description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-certificate-templates description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - ssh-host-groups description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-alerts description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-collections description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - certificate-inventory-views description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-discovery description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - run-scan - type: array items: type: string enum: - read - create - edit - delete - run-scan minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pki-certificate-installations description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - edit - delete - type: array items: type: string enum: - read - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - code-signers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - sign - type: array items: type: string enum: - read - create - edit - delete - sign minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - workspace description: The entity this permission pertains to. action: anyOf: - type: string enum: - edit - delete - type: array items: type: string enum: - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kms description: The entity this permission pertains to. action: anyOf: - type: string enum: - edit - type: array items: type: string enum: - edit minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - cmek description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - encrypt - decrypt - sign - verify - export-private-key - type: array items: type: string enum: - read - create - edit - delete - encrypt - decrypt - sign - verify - export-private-key minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - kmip description: The entity this permission pertains to. action: anyOf: - type: string enum: - create-clients - update-clients - delete-clients - read-clients - generate-client-certificates - type: array items: type: string enum: - create-clients - update-clients - delete-clients - read-clients - generate-client-certificates minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - commits description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - perform-rollback - type: array items: type: string enum: - read - perform-rollback minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-data-sources description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-data-sources - create-data-sources - edit-data-sources - delete-data-sources - trigger-data-source-scans - read-data-source-scans - read-data-source-resources - type: array items: type: string enum: - read-data-sources - create-data-sources - edit-data-sources - delete-data-sources - trigger-data-source-scans - read-data-source-scans - read-data-source-resources minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-findings description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-findings - update-findings - type: array items: type: string enum: - read-findings - update-findings minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-scanning-configs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read-configs - update-configs - type: array items: type: string enum: - read-configs - update-configs minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - app-connections description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read-app-connections - create-app-connections - edit-app-connections - delete-app-connections - connect-app-connections - rotate-credentials - type: array items: type: string enum: - read-app-connections - create-app-connections - edit-app-connections - delete-app-connections - connect-app-connections - rotate-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: connectionId: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-folders description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-resources description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false resourceType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-domains description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given domain. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-accounts description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - access - read - create - edit - delete - trigger-rotation - read-credentials - type: array items: type: string enum: - access - read - create - edit - delete - trigger-rotation - read-credentials minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: resourceName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false accountName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false resourceType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainName: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false domainType: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false metadata: type: object properties: $elemMatch: type: object properties: key: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false value: type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false required: - $elemMatch additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-sessions description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - terminate - type: array items: type: string enum: - read - terminate minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-account-policies description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-discovery description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - run-scan - type: array items: type: string enum: - read - create - edit - delete - run-scan minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - pam-insights description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-endpoints description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - create - edit - delete - connect - type: array items: type: string enum: - read - create - edit - delete - connect minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: name: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $glob: type: string minLength: 1 $in: type: array items: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-servers description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - mcp-activity-logs description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - edit - delete - type: array items: type: string enum: - read - create - edit - delete minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - honey-tokens description: The entity this permission pertains to. inverted: type: boolean description: Whether rule allows or forbids. action: anyOf: - type: string enum: - read - read-credentials - create - edit - reset - revoke - type: array items: type: string enum: - read - read-credentials - create - edit - reset - revoke minItems: 1 description: Describe what action an entity can take. conditions: type: object properties: environment: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false secretPath: anyOf: - type: string - type: object properties: $eq: type: string minLength: 1 $ne: type: string minLength: 1 $in: type: array items: type: string minLength: 1 $glob: type: string minLength: 1 additionalProperties: false additionalProperties: false description: When specified, only matching conditions will be allowed to access given resource. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - approval-requests description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - create - type: array items: type: string enum: - read - create minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - approval-request-grants description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - revoke - type: array items: type: string enum: - read - revoke minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false - type: object properties: subject: type: string enum: - secret-approval-request description: The entity this permission pertains to. action: anyOf: - type: string enum: - read - type: array items: type: string enum: - read minItems: 1 description: Describe what action an entity can take. required: - subject - action additionalProperties: false description: The permission for the privilege. type: anyOf: - type: object properties: isTemporary: type: boolean enum: - false description: Whether the privilege is temporary. required: - isTemporary additionalProperties: false - type: object properties: isTemporary: type: boolean enum: - true description: Whether the privilege is temporary. temporaryMode: type: string enum: - relative description: 'Type of temporary access given. Types: relative.' temporaryRange: type: string description: 'The TTL for the temporary access given. Eg: 1m, 1h, 1d.' temporaryAccessStartTime: type: string format: date-time description: The start time in ISO format when the temporary access should begin. required: - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false required: - slug - permissions - type additionalProperties: false parameters: - schema: type: string in: path name: id required: true description: The ID of the identity privilege. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: privilege: type: object properties: id: type: string format: uuid slug: type: string isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - slug - permissions - createdAt - updatedAt additionalProperties: false required: - privilege additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteIdentityProjectAdditionalPrivilege tags: - Identity Specific Privileges V2 description: Delete the specified identity privilege. parameters: - schema: type: string in: path name: id required: true description: The ID of the identity privilege. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: privilege: type: object properties: id: type: string format: uuid slug: type: string isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - slug - permissions - createdAt - updatedAt additionalProperties: false required: - privilege additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getIdentityProjectAdditionalPrivilege tags: - Identity Specific Privileges V2 description: Retrieve details of a specific privilege by id. parameters: - schema: type: string minLength: 1 in: path name: id required: true description: The ID of the identity privilege. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: privilege: type: object properties: id: type: string format: uuid slug: type: string isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - slug - permissions - createdAt - updatedAt additionalProperties: false required: - privilege additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/identity-project-additional-privilege/slug/{privilegeSlug}: get: operationId: getIdentityProjectAdditionalPrivilegeBySlug tags: - Identity Specific Privileges V2 description: Retrieve details of a specific privilege by slug. parameters: - schema: type: string minLength: 1 in: query name: identityId required: true description: The ID of the machine identity to list. - schema: type: string minLength: 1 in: query name: projectSlug required: true description: The slug of the project of the identity in. - schema: type: string minLength: 1 in: path name: privilegeSlug required: true description: The slug of the privilege. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: privilege: type: object properties: id: type: string format: uuid slug: type: string isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true permissions: type: array items: type: object properties: subject: anyOf: - type: string minLength: 1 - type: array items: type: string action: anyOf: - type: string minLength: 1 - type: array items: type: string conditions: {} inverted: type: boolean required: - action additionalProperties: false createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - slug - permissions - createdAt - updatedAt additionalProperties: false required: - privilege additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/options: get: operationId: listSecretRotationOptions tags: - Secret Rotations description: List the available Secret Rotation Options. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotationOptions: type: array items: anyOf: - type: object properties: name: type: string enum: - PostgreSQL Credentials connection: type: string enum: - postgres type: type: string enum: - postgres-credentials template: type: object properties: createUserStatement: type: string rotationStatement: type: string secretsMapping: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false required: - createUserStatement - rotationStatement - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - Microsoft SQL Server Credentials connection: type: string enum: - mssql type: type: string enum: - mssql-credentials template: type: object properties: createUserStatement: type: string rotationStatement: type: string secretsMapping: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false required: - createUserStatement - rotationStatement - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - MySQL Credentials connection: type: string enum: - mysql type: type: string enum: - mysql-credentials template: type: object properties: createUserStatement: type: string rotationStatement: type: string secretsMapping: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false required: - createUserStatement - rotationStatement - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - OracleDB Credentials connection: type: string enum: - oracledb type: type: string enum: - oracledb-credentials template: type: object properties: createUserStatement: type: string rotationStatement: type: string secretsMapping: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false required: - createUserStatement - rotationStatement - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - Auth0 Client Secret connection: type: string enum: - auth0 type: type: string enum: - auth0-client-secret template: type: object properties: secretsMapping: type: object properties: clientId: type: string clientSecret: type: string required: - clientId - clientSecret additionalProperties: false required: - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - Azure Client Secret connection: type: string enum: - azure-client-secrets type: type: string enum: - azure-client-secret template: type: object properties: secretsMapping: type: object properties: clientId: type: string clientSecret: type: string required: - clientId - clientSecret additionalProperties: false required: - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - AWS IAM User Secret connection: type: string enum: - aws type: type: string enum: - aws-iam-user-secret template: type: object properties: secretsMapping: type: object properties: accessKeyId: type: string secretAccessKey: type: string required: - accessKeyId - secretAccessKey additionalProperties: false required: - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - LDAP Password connection: type: string enum: - ldap type: type: string enum: - ldap-password template: type: object properties: secretsMapping: type: object properties: dn: type: string password: type: string required: - dn - password additionalProperties: false required: - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - Okta Client Secret connection: type: string enum: - okta type: type: string enum: - okta-client-secret template: type: object properties: secretsMapping: type: object properties: clientId: type: string clientSecret: type: string required: - clientId - clientSecret additionalProperties: false required: - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - Redis Credentials connection: type: string enum: - redis type: type: string enum: - redis-credentials template: type: object properties: secretsMapping: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false required: - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - MongoDB Credentials connection: type: string enum: - mongodb type: type: string enum: - mongodb-credentials template: type: object properties: createUserStatement: type: string secretsMapping: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false required: - createUserStatement - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - Databricks Service Principal Secret connection: type: string enum: - databricks type: type: string enum: - databricks-service-principal-secret template: type: object properties: secretsMapping: type: object properties: clientId: type: string clientSecret: type: string required: - clientId - clientSecret additionalProperties: false required: - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - Unix/Linux Local Account connection: type: string enum: - ssh type: type: string enum: - unix-linux-local-account template: type: object properties: secretsMapping: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false required: - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - DBT Service Token connection: type: string enum: - dbt type: type: string enum: - dbt-service-token template: type: object properties: secretsMapping: type: object properties: serviceToken: type: string required: - serviceToken additionalProperties: false required: - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - Windows Local Account connection: type: string enum: - smb type: type: string enum: - windows-local-account template: type: object properties: secretsMapping: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false required: - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - OpenRouter API Key connection: type: string enum: - open-router type: type: string enum: - open-router-api-key template: type: object properties: secretsMapping: type: object properties: apiKey: type: string required: - apiKey additionalProperties: false required: - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - HP iLO Local Account connection: type: string enum: - ssh type: type: string enum: - hp-ilo-local-account template: type: object properties: secretsMapping: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false required: - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - Supabase API Key connection: type: string enum: - supabase type: type: string enum: - supabase-api-key template: type: object properties: secretsMapping: type: object properties: apiKey: type: string required: - apiKey additionalProperties: false required: - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - Salesforce OAuth Credentials connection: type: string enum: - salesforce type: type: string enum: - salesforce-oauth-credentials template: type: object properties: secretsMapping: type: object properties: consumerKey: type: string consumerSecret: type: string required: - consumerKey - consumerSecret additionalProperties: false required: - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - Datadog Application Key Secret connection: type: string enum: - datadog type: type: string enum: - datadog-application-key-secret template: type: object properties: secretsMapping: type: object properties: applicationKeyId: type: string applicationKey: type: string required: - applicationKeyId - applicationKey additionalProperties: false required: - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false - type: object properties: name: type: string enum: - Convex Access Key connection: type: string enum: - convex type: type: string enum: - convex-access-key template: type: object properties: secretsMapping: type: object properties: accessKey: type: string required: - accessKey additionalProperties: false required: - secretsMapping additionalProperties: false required: - name - connection - type - template additionalProperties: false required: - secretRotationOptions additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations: get: operationId: listSecretRotations tags: - Secret Rotations description: List all the Secret Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Secret Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: anyOf: - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - postgres name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - postgres-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mssql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mssql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mysql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mysql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - oracledb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - oracledb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - auth0 name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - auth0-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The client ID of the Auth0 Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - azure-client-secrets name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - azure-client-secret parameters: type: object properties: objectId: type: string minLength: 1 description: The ID of the Azure Application to rotate the client secret for. appName: type: string description: The name of the Azure Application to rotate the client secret for. clientId: type: string minLength: 1 description: The client ID of the Azure Application to rotate the client secret for. required: - objectId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ldap name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - ldap-password parameters: type: object properties: dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - connection-principal - target-principal description: Whether the rotation should be performed by the LDAP "connection-principal" or the "target-principal" (defaults to 'connection-principal'). required: - dn additionalProperties: false secretsMapping: type: object properties: dn: type: string minLength: 1 description: The name of the secret that the Distinguished Name (DN) or User Principal Name (UPN) of the principal will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - dn - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - aws-iam-user-secret parameters: type: object properties: userName: type: string minLength: 1 description: The name of the client to rotate credentials for. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region the client is present in. required: - userName additionalProperties: false secretsMapping: type: object properties: accessKeyId: type: string minLength: 1 description: The name of the secret that the access key ID will be mapped to. secretAccessKey: type: string minLength: 1 description: The name of the secret that the rotated secret access key will be mapped to. required: - accessKeyId - secretAccessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - okta name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - okta-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The ID of the Okta Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - redis name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - redis-credentials parameters: type: object properties: passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. permissionScope: type: string minLength: 1 description: The ACL permission scope to assign to the issued Redis users. required: - permissionScope additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mongodb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mongodb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - databricks-service-principal-secret parameters: type: object properties: servicePrincipalId: type: string minLength: 1 description: The ID of the Databricks Service Principal to rotate the OAuth secret for. servicePrincipalName: type: string description: The name of the Databricks Service Principal to rotate the OAuth secret for. clientId: type: string minLength: 1 description: The client ID of the Databricks Service Principal to rotate the OAuth secret for. required: - servicePrincipalId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated OAuth client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - unix-linux-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the Unix/Linux user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". useSudo: type: boolean default: true description: If true, uses sudo when executing the password rotation command. Defaults to false. required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - dbt name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - dbt-service-token parameters: type: object properties: tokenName: type: string minLength: 1 maxLength: 255 description: The name of the service token to create. permissionGrants: type: array items: type: object properties: permissionSet: type: string enum: - account_admin - account_viewer - admin - analyst - billing_admin - cost_insights_admin - cost_insights_viewer - cost_management_admin - cost_management_viewer - database_admin - developer - fusion_admin - git_admin - job_admin - job_runner - job_viewer - manage_marketplace_apps - member - metadata_only - owner - project_creator - readonly - scim_only - security_admin - semantic_layer_only - stakeholder - team_admin - webhooks_only projectId: type: number required: - permissionSet additionalProperties: false minItems: 1 description: The permission grants to apply to the service token. required: - tokenName - permissionGrants additionalProperties: false secretsMapping: type: object properties: serviceToken: type: string minLength: 1 description: The name of the secret that the service token will be mapped to. required: - serviceToken additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - smb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - windows-local-account parameters: type: object properties: username: type: string minLength: 1 maxLength: 20 description: The username of the Windows user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - open-router name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - open-router-api-key parameters: type: object properties: name: type: string minLength: 1 maxLength: 100 description: The name for the generated OpenRouter API key. limit: type: number exclusiveMinimum: true minimum: 0 nullable: true description: The optional spending limit in USD for the generated API key. limitReset: type: string enum: - daily - weekly - monthly nullable: true description: The type of limit reset for the API key (daily, weekly, monthly, or null for no reset). includeByokInLimit: type: boolean nullable: true description: Whether to include BYOK (Bring Your Own Key) usage in the spending limit. When enabled, usage from your own provider keys counts toward this key's limit. See OpenRouter BYOK docs for details. required: - name additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated OpenRouter API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - hp-ilo-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the HP iLO account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-root". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - supabase-api-key parameters: type: object properties: projectRef: type: string minLength: 1 description: The reference ID of the Supabase project to rotate the API key for. keyType: type: string enum: - publishable - secret description: The type of the API key to rotate (e.g. publishable, secret). required: - projectRef - keyType additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated Supabase API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - salesforce name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - salesforce-oauth-credentials parameters: type: object properties: appId: type: string minLength: 1 description: The identifier of the Salesforce External Client App to rotate the consumer secret for. appName: type: string minLength: 1 description: The developer name of the Salesforce External Client App to rotate the consumer secret for. required: - appId - appName additionalProperties: false secretsMapping: type: object properties: consumerKey: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer key will be mapped to. consumerSecret: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer secret will be mapped to. required: - consumerKey - consumerSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - datadog name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - datadog-application-key-secret parameters: type: object properties: serviceAccountId: type: string minLength: 1 description: The ID of the Datadog service account to rotate the application key for. required: - serviceAccountId additionalProperties: false secretsMapping: type: object properties: applicationKeyId: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key ID will be mapped to. applicationKey: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key value will be mapped to. required: - applicationKeyId - applicationKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false - type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - convex name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - convex-access-key parameters: type: object properties: namePrefix: type: string minLength: 1 description: A prefix to use when naming the generated Convex access key. required: - namePrefix additionalProperties: false secretsMapping: type: object properties: accessKey: type: string minLength: 1 description: The name of the secret that the rotated Convex access key will be mapped to. required: - accessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/postgres-credentials: get: operationId: listPostgreSQLCredentialsRotations tags: - Secret Rotations description: List the PostgreSQL Credentials Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list PostgreSQL Credentials Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - postgres name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - postgres-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createPostgreSQLCredentialsRotation tags: - Secret Rotations description: Create a PostgreSQL Credentials Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the PostgreSQL Credentials Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the PostgreSQL Credentials Rotation. connectionId: type: string format: uuid description: The ID of the PostgreSQL Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - postgres name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - postgres-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/postgres-credentials/{rotationId}: get: operationId: getPostgreSQLCredentialsRotation tags: - Secret Rotations description: Get the specified PostgreSQL Credentials Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the PostgreSQL Credentials Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - postgres name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - postgres-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updatePostgreSQLCredentialsRotation tags: - Secret Rotations description: Update the specified PostgreSQL Credentials Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the PostgreSQL Credentials Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the PostgreSQL Credentials Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the PostgreSQL Credentials Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - postgres name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - postgres-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deletePostgreSQLCredentialsRotation tags: - Secret Rotations description: Delete the specified PostgreSQL Credentials Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the PostgreSQL Credentials Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - postgres name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - postgres-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/postgres-credentials/rotation-name/{rotationName}: get: operationId: getPostgreSQLCredentialsRotationByName tags: - Secret Rotations description: Get the specified PostgreSQL Credentials Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the PostgreSQL Credentials Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the PostgreSQL Credentials Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the PostgreSQL Credentials Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the PostgreSQL Credentials Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - postgres name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - postgres-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/postgres-credentials/{rotationId}/generated-credentials: get: operationId: getPostgreSQLCredentialsRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified PostgreSQL Credentials Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the PostgreSQL Credentials Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - postgres-credentials required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/postgres-credentials/{rotationId}/move: post: operationId: movePostgreSQLCredentialsRotation tags: - Secret Rotations description: Move the specified PostgreSQL Credentials Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the PostgreSQL Credentials Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - postgres name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - postgres-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/postgres-credentials/{rotationId}/rotate-secrets: post: operationId: rotatePostgreSQLCredentialsRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified PostgreSQL Credentials Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the PostgreSQL Credentials Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - postgres name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - postgres-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/postgres-credentials/{rotationId}/check-credentials: post: operationId: checkPostgreSQLCredentialsRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified PostgreSQL Credentials Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the PostgreSQL Credentials Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mssql-credentials: get: operationId: listMicrosoftSQLServerCredentialsRotations tags: - Secret Rotations description: List the Microsoft SQL Server Credentials Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Microsoft SQL Server Credentials Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mssql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mssql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createMicrosoftSQLServerCredentialsRotation tags: - Secret Rotations description: Create a Microsoft SQL Server Credentials Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Microsoft SQL Server Credentials Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the Microsoft SQL Server Credentials Rotation. connectionId: type: string format: uuid description: The ID of the Microsoft SQL Server Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mssql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mssql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mssql-credentials/{rotationId}: get: operationId: getMicrosoftSQLServerCredentialsRotation tags: - Secret Rotations description: Get the specified Microsoft SQL Server Credentials Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Microsoft SQL Server Credentials Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mssql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mssql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateMicrosoftSQLServerCredentialsRotation tags: - Secret Rotations description: Update the specified Microsoft SQL Server Credentials Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Microsoft SQL Server Credentials Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Microsoft SQL Server Credentials Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Microsoft SQL Server Credentials Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mssql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mssql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteMicrosoftSQLServerCredentialsRotation tags: - Secret Rotations description: Delete the specified Microsoft SQL Server Credentials Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Microsoft SQL Server Credentials Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mssql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mssql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mssql-credentials/rotation-name/{rotationName}: get: operationId: getMicrosoftSQLServerCredentialsRotationByName tags: - Secret Rotations description: Get the specified Microsoft SQL Server Credentials Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Microsoft SQL Server Credentials Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the Microsoft SQL Server Credentials Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the Microsoft SQL Server Credentials Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the Microsoft SQL Server Credentials Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mssql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mssql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mssql-credentials/{rotationId}/generated-credentials: get: operationId: getMicrosoftSQLServerCredentialsRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified Microsoft SQL Server Credentials Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Microsoft SQL Server Credentials Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - mssql-credentials required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mssql-credentials/{rotationId}/move: post: operationId: moveMicrosoftSQLServerCredentialsRotation tags: - Secret Rotations description: Move the specified Microsoft SQL Server Credentials Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Microsoft SQL Server Credentials Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mssql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mssql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mssql-credentials/{rotationId}/rotate-secrets: post: operationId: rotateMicrosoftSQLServerCredentialsRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified Microsoft SQL Server Credentials Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Microsoft SQL Server Credentials Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mssql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mssql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mssql-credentials/{rotationId}/check-credentials: post: operationId: checkMicrosoftSQLServerCredentialsRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified Microsoft SQL Server Credentials Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Microsoft SQL Server Credentials Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mysql-credentials: get: operationId: listMySQLCredentialsRotations tags: - Secret Rotations description: List the MySQL Credentials Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list MySQL Credentials Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mysql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mysql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createMySQLCredentialsRotation tags: - Secret Rotations description: Create a MySQL Credentials Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the MySQL Credentials Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the MySQL Credentials Rotation. connectionId: type: string format: uuid description: The ID of the MySQL Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mysql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mysql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mysql-credentials/{rotationId}: get: operationId: getMySQLCredentialsRotation tags: - Secret Rotations description: Get the specified MySQL Credentials Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the MySQL Credentials Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mysql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mysql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateMySQLCredentialsRotation tags: - Secret Rotations description: Update the specified MySQL Credentials Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the MySQL Credentials Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the MySQL Credentials Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the MySQL Credentials Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mysql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mysql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteMySQLCredentialsRotation tags: - Secret Rotations description: Delete the specified MySQL Credentials Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the MySQL Credentials Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mysql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mysql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mysql-credentials/rotation-name/{rotationName}: get: operationId: getMySQLCredentialsRotationByName tags: - Secret Rotations description: Get the specified MySQL Credentials Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the MySQL Credentials Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the MySQL Credentials Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the MySQL Credentials Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the MySQL Credentials Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mysql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mysql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mysql-credentials/{rotationId}/generated-credentials: get: operationId: getMySQLCredentialsRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified MySQL Credentials Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the MySQL Credentials Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - mysql-credentials required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mysql-credentials/{rotationId}/move: post: operationId: moveMySQLCredentialsRotation tags: - Secret Rotations description: Move the specified MySQL Credentials Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the MySQL Credentials Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mysql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mysql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mysql-credentials/{rotationId}/rotate-secrets: post: operationId: rotateMySQLCredentialsRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified MySQL Credentials Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the MySQL Credentials Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mysql name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mysql-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mysql-credentials/{rotationId}/check-credentials: post: operationId: checkMySQLCredentialsRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified MySQL Credentials Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the MySQL Credentials Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/oracledb-credentials: get: operationId: listOracleDBCredentialsRotations tags: - Secret Rotations description: List the OracleDB Credentials Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list OracleDB Credentials Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - oracledb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - oracledb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createOracleDBCredentialsRotation tags: - Secret Rotations description: Create an OracleDB Credentials Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the OracleDB Credentials Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the OracleDB Credentials Rotation. connectionId: type: string format: uuid description: The ID of the OracleDB Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - oracledb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - oracledb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/oracledb-credentials/{rotationId}: get: operationId: getOracleDBCredentialsRotation tags: - Secret Rotations description: Get the specified OracleDB Credentials Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the OracleDB Credentials Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - oracledb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - oracledb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOracleDBCredentialsRotation tags: - Secret Rotations description: Update the specified OracleDB Credentials Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the OracleDB Credentials Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the OracleDB Credentials Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the OracleDB Credentials Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - oracledb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - oracledb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOracleDBCredentialsRotation tags: - Secret Rotations description: Delete the specified OracleDB Credentials Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the OracleDB Credentials Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - oracledb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - oracledb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/oracledb-credentials/rotation-name/{rotationName}: get: operationId: getOracleDBCredentialsRotationByName tags: - Secret Rotations description: Get the specified OracleDB Credentials Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the OracleDB Credentials Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the OracleDB Credentials Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the OracleDB Credentials Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the OracleDB Credentials Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - oracledb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - oracledb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/oracledb-credentials/{rotationId}/generated-credentials: get: operationId: getOracleDBCredentialsRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified OracleDB Credentials Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the OracleDB Credentials Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - oracledb-credentials required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/oracledb-credentials/{rotationId}/move: post: operationId: moveOracleDBCredentialsRotation tags: - Secret Rotations description: Move the specified OracleDB Credentials Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the OracleDB Credentials Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - oracledb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - oracledb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/oracledb-credentials/{rotationId}/rotate-secrets: post: operationId: rotateOracleDBCredentialsRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified OracleDB Credentials Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the OracleDB Credentials Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - oracledb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - oracledb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. rotationStatement: type: string minLength: 1 description: The SQL template query used for rotation. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/oracledb-credentials/{rotationId}/check-credentials: post: operationId: checkOracleDBCredentialsRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified OracleDB Credentials Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the OracleDB Credentials Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/auth0-client-secret: get: operationId: listAuth0ClientSecretRotations tags: - Secret Rotations description: List the Auth0 Client Secret Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Auth0 Client Secret Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - auth0 name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - auth0-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The client ID of the Auth0 Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAuth0ClientSecretRotation tags: - Secret Rotations description: Create an Auth0 Client Secret Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Auth0 Client Secret Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the Auth0 Client Secret Rotation. connectionId: type: string format: uuid description: The ID of the Auth0 Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: clientId: type: string minLength: 1 description: The client ID of the Auth0 Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - auth0 name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - auth0-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The client ID of the Auth0 Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/auth0-client-secret/{rotationId}: get: operationId: getAuth0ClientSecretRotation tags: - Secret Rotations description: Get the specified Auth0 Client Secret Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Auth0 Client Secret Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - auth0 name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - auth0-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The client ID of the Auth0 Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAuth0ClientSecretRotation tags: - Secret Rotations description: Update the specified Auth0 Client Secret Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Auth0 Client Secret Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Auth0 Client Secret Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: clientId: type: string minLength: 1 description: The client ID of the Auth0 Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Auth0 Client Secret Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - auth0 name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - auth0-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The client ID of the Auth0 Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAuth0ClientSecretRotation tags: - Secret Rotations description: Delete the specified Auth0 Client Secret Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Auth0 Client Secret Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - auth0 name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - auth0-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The client ID of the Auth0 Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/auth0-client-secret/rotation-name/{rotationName}: get: operationId: getAuth0ClientSecretRotationByName tags: - Secret Rotations description: Get the specified Auth0 Client Secret Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Auth0 Client Secret Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the Auth0 Client Secret Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the Auth0 Client Secret Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the Auth0 Client Secret Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - auth0 name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - auth0-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The client ID of the Auth0 Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/auth0-client-secret/{rotationId}/generated-credentials: get: operationId: getAuth0ClientSecretRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified Auth0 Client Secret Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Auth0 Client Secret Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: clientId: type: string clientSecret: type: string required: - clientId - clientSecret additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - auth0-client-secret required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/auth0-client-secret/{rotationId}/move: post: operationId: moveAuth0ClientSecretRotation tags: - Secret Rotations description: Move the specified Auth0 Client Secret Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Auth0 Client Secret Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - auth0 name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - auth0-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The client ID of the Auth0 Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/auth0-client-secret/{rotationId}/rotate-secrets: post: operationId: rotateAuth0ClientSecretRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified Auth0 Client Secret Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Auth0 Client Secret Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - auth0 name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - auth0-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The client ID of the Auth0 Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/auth0-client-secret/{rotationId}/check-credentials: post: operationId: checkAuth0ClientSecretRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified Auth0 Client Secret Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Auth0 Client Secret Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/azure-client-secret: get: operationId: listAzureClientSecretRotations tags: - Secret Rotations description: List the Azure Client Secret Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Azure Client Secret Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - azure-client-secrets name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - azure-client-secret parameters: type: object properties: objectId: type: string minLength: 1 description: The ID of the Azure Application to rotate the client secret for. appName: type: string description: The name of the Azure Application to rotate the client secret for. clientId: type: string minLength: 1 description: The client ID of the Azure Application to rotate the client secret for. required: - objectId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAzureClientSecretRotation tags: - Secret Rotations description: Create an Azure Client Secret Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Azure Client Secret Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the Azure Client Secret Rotation. connectionId: type: string format: uuid description: The ID of the Azure Client Secrets Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: objectId: type: string minLength: 1 description: The ID of the Azure Application to rotate the client secret for. appName: type: string description: The name of the Azure Application to rotate the client secret for. clientId: type: string minLength: 1 description: The client ID of the Azure Application to rotate the client secret for. required: - objectId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - azure-client-secrets name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - azure-client-secret parameters: type: object properties: objectId: type: string minLength: 1 description: The ID of the Azure Application to rotate the client secret for. appName: type: string description: The name of the Azure Application to rotate the client secret for. clientId: type: string minLength: 1 description: The client ID of the Azure Application to rotate the client secret for. required: - objectId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/azure-client-secret/{rotationId}: get: operationId: getAzureClientSecretRotation tags: - Secret Rotations description: Get the specified Azure Client Secret Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Azure Client Secret Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - azure-client-secrets name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - azure-client-secret parameters: type: object properties: objectId: type: string minLength: 1 description: The ID of the Azure Application to rotate the client secret for. appName: type: string description: The name of the Azure Application to rotate the client secret for. clientId: type: string minLength: 1 description: The client ID of the Azure Application to rotate the client secret for. required: - objectId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAzureClientSecretRotation tags: - Secret Rotations description: Update the specified Azure Client Secret Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Azure Client Secret Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Azure Client Secret Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: objectId: type: string minLength: 1 description: The ID of the Azure Application to rotate the client secret for. appName: type: string description: The name of the Azure Application to rotate the client secret for. clientId: type: string minLength: 1 description: The client ID of the Azure Application to rotate the client secret for. required: - objectId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Azure Client Secret Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - azure-client-secrets name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - azure-client-secret parameters: type: object properties: objectId: type: string minLength: 1 description: The ID of the Azure Application to rotate the client secret for. appName: type: string description: The name of the Azure Application to rotate the client secret for. clientId: type: string minLength: 1 description: The client ID of the Azure Application to rotate the client secret for. required: - objectId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAzureClientSecretRotation tags: - Secret Rotations description: Delete the specified Azure Client Secret Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Azure Client Secret Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - azure-client-secrets name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - azure-client-secret parameters: type: object properties: objectId: type: string minLength: 1 description: The ID of the Azure Application to rotate the client secret for. appName: type: string description: The name of the Azure Application to rotate the client secret for. clientId: type: string minLength: 1 description: The client ID of the Azure Application to rotate the client secret for. required: - objectId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/azure-client-secret/rotation-name/{rotationName}: get: operationId: getAzureClientSecretRotationByName tags: - Secret Rotations description: Get the specified Azure Client Secret Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Azure Client Secret Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the Azure Client Secret Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the Azure Client Secret Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the Azure Client Secret Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - azure-client-secrets name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - azure-client-secret parameters: type: object properties: objectId: type: string minLength: 1 description: The ID of the Azure Application to rotate the client secret for. appName: type: string description: The name of the Azure Application to rotate the client secret for. clientId: type: string minLength: 1 description: The client ID of the Azure Application to rotate the client secret for. required: - objectId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/azure-client-secret/{rotationId}/generated-credentials: get: operationId: getAzureClientSecretRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified Azure Client Secret Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Azure Client Secret Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: clientId: type: string clientSecret: type: string keyId: type: string required: - clientId - clientSecret - keyId additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - azure-client-secret required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/azure-client-secret/{rotationId}/move: post: operationId: moveAzureClientSecretRotation tags: - Secret Rotations description: Move the specified Azure Client Secret Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Azure Client Secret Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - azure-client-secrets name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - azure-client-secret parameters: type: object properties: objectId: type: string minLength: 1 description: The ID of the Azure Application to rotate the client secret for. appName: type: string description: The name of the Azure Application to rotate the client secret for. clientId: type: string minLength: 1 description: The client ID of the Azure Application to rotate the client secret for. required: - objectId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/azure-client-secret/{rotationId}/rotate-secrets: post: operationId: rotateAzureClientSecretRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified Azure Client Secret Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Azure Client Secret Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - azure-client-secrets name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - azure-client-secret parameters: type: object properties: objectId: type: string minLength: 1 description: The ID of the Azure Application to rotate the client secret for. appName: type: string description: The name of the Azure Application to rotate the client secret for. clientId: type: string minLength: 1 description: The client ID of the Azure Application to rotate the client secret for. required: - objectId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/azure-client-secret/{rotationId}/check-credentials: post: operationId: checkAzureClientSecretRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified Azure Client Secret Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Azure Client Secret Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/aws-iam-user-secret: get: operationId: listAWSIAMUserSecretRotations tags: - Secret Rotations description: List the AWS IAM User Secret Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list AWS IAM User Secret Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - aws-iam-user-secret parameters: type: object properties: userName: type: string minLength: 1 description: The name of the client to rotate credentials for. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region the client is present in. required: - userName additionalProperties: false secretsMapping: type: object properties: accessKeyId: type: string minLength: 1 description: The name of the secret that the access key ID will be mapped to. secretAccessKey: type: string minLength: 1 description: The name of the secret that the rotated secret access key will be mapped to. required: - accessKeyId - secretAccessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createAWSIAMUserSecretRotation tags: - Secret Rotations description: Create an AWS IAM User Secret Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the AWS IAM User Secret Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the AWS IAM User Secret Rotation. connectionId: type: string format: uuid description: The ID of the AWS Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: userName: type: string minLength: 1 description: The name of the client to rotate credentials for. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region the client is present in. required: - userName additionalProperties: false secretsMapping: type: object properties: accessKeyId: type: string minLength: 1 description: The name of the secret that the access key ID will be mapped to. secretAccessKey: type: string minLength: 1 description: The name of the secret that the rotated secret access key will be mapped to. required: - accessKeyId - secretAccessKey additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - aws-iam-user-secret parameters: type: object properties: userName: type: string minLength: 1 description: The name of the client to rotate credentials for. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region the client is present in. required: - userName additionalProperties: false secretsMapping: type: object properties: accessKeyId: type: string minLength: 1 description: The name of the secret that the access key ID will be mapped to. secretAccessKey: type: string minLength: 1 description: The name of the secret that the rotated secret access key will be mapped to. required: - accessKeyId - secretAccessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/aws-iam-user-secret/{rotationId}: get: operationId: getAWSIAMUserSecretRotation tags: - Secret Rotations description: Get the specified AWS IAM User Secret Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the AWS IAM User Secret Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - aws-iam-user-secret parameters: type: object properties: userName: type: string minLength: 1 description: The name of the client to rotate credentials for. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region the client is present in. required: - userName additionalProperties: false secretsMapping: type: object properties: accessKeyId: type: string minLength: 1 description: The name of the secret that the access key ID will be mapped to. secretAccessKey: type: string minLength: 1 description: The name of the secret that the rotated secret access key will be mapped to. required: - accessKeyId - secretAccessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateAWSIAMUserSecretRotation tags: - Secret Rotations description: Update the specified AWS IAM User Secret Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the AWS IAM User Secret Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the AWS IAM User Secret Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: userName: type: string minLength: 1 description: The name of the client to rotate credentials for. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region the client is present in. required: - userName additionalProperties: false secretsMapping: type: object properties: accessKeyId: type: string minLength: 1 description: The name of the secret that the access key ID will be mapped to. secretAccessKey: type: string minLength: 1 description: The name of the secret that the rotated secret access key will be mapped to. required: - accessKeyId - secretAccessKey additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the AWS IAM User Secret Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - aws-iam-user-secret parameters: type: object properties: userName: type: string minLength: 1 description: The name of the client to rotate credentials for. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region the client is present in. required: - userName additionalProperties: false secretsMapping: type: object properties: accessKeyId: type: string minLength: 1 description: The name of the secret that the access key ID will be mapped to. secretAccessKey: type: string minLength: 1 description: The name of the secret that the rotated secret access key will be mapped to. required: - accessKeyId - secretAccessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteAWSIAMUserSecretRotation tags: - Secret Rotations description: Delete the specified AWS IAM User Secret Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the AWS IAM User Secret Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - aws-iam-user-secret parameters: type: object properties: userName: type: string minLength: 1 description: The name of the client to rotate credentials for. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region the client is present in. required: - userName additionalProperties: false secretsMapping: type: object properties: accessKeyId: type: string minLength: 1 description: The name of the secret that the access key ID will be mapped to. secretAccessKey: type: string minLength: 1 description: The name of the secret that the rotated secret access key will be mapped to. required: - accessKeyId - secretAccessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/aws-iam-user-secret/rotation-name/{rotationName}: get: operationId: getAWSIAMUserSecretRotationByName tags: - Secret Rotations description: Get the specified AWS IAM User Secret Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the AWS IAM User Secret Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the AWS IAM User Secret Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the AWS IAM User Secret Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the AWS IAM User Secret Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - aws-iam-user-secret parameters: type: object properties: userName: type: string minLength: 1 description: The name of the client to rotate credentials for. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region the client is present in. required: - userName additionalProperties: false secretsMapping: type: object properties: accessKeyId: type: string minLength: 1 description: The name of the secret that the access key ID will be mapped to. secretAccessKey: type: string minLength: 1 description: The name of the secret that the rotated secret access key will be mapped to. required: - accessKeyId - secretAccessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/aws-iam-user-secret/{rotationId}/generated-credentials: get: operationId: getAWSIAMUserSecretRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified AWS IAM User Secret Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the AWS IAM User Secret Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: accessKeyId: type: string secretAccessKey: type: string required: - accessKeyId - secretAccessKey additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - aws-iam-user-secret required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/aws-iam-user-secret/{rotationId}/move: post: operationId: moveAWSIAMUserSecretRotation tags: - Secret Rotations description: Move the specified AWS IAM User Secret Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the AWS IAM User Secret Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - aws-iam-user-secret parameters: type: object properties: userName: type: string minLength: 1 description: The name of the client to rotate credentials for. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region the client is present in. required: - userName additionalProperties: false secretsMapping: type: object properties: accessKeyId: type: string minLength: 1 description: The name of the secret that the access key ID will be mapped to. secretAccessKey: type: string minLength: 1 description: The name of the secret that the rotated secret access key will be mapped to. required: - accessKeyId - secretAccessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/aws-iam-user-secret/{rotationId}/rotate-secrets: post: operationId: rotateAWSIAMUserSecretRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified AWS IAM User Secret Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the AWS IAM User Secret Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - aws name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - aws-iam-user-secret parameters: type: object properties: userName: type: string minLength: 1 description: The name of the client to rotate credentials for. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region the client is present in. required: - userName additionalProperties: false secretsMapping: type: object properties: accessKeyId: type: string minLength: 1 description: The name of the secret that the access key ID will be mapped to. secretAccessKey: type: string minLength: 1 description: The name of the secret that the rotated secret access key will be mapped to. required: - accessKeyId - secretAccessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/aws-iam-user-secret/{rotationId}/check-credentials: post: operationId: checkAWSIAMUserSecretRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified AWS IAM User Secret Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the AWS IAM User Secret Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/ldap-password: get: operationId: listLDAPPasswordRotations tags: - Secret Rotations description: List the LDAP Password Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list LDAP Password Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ldap name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - ldap-password parameters: type: object properties: dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - connection-principal - target-principal description: Whether the rotation should be performed by the LDAP "connection-principal" or the "target-principal" (defaults to 'connection-principal'). required: - dn additionalProperties: false secretsMapping: type: object properties: dn: type: string minLength: 1 description: The name of the secret that the Distinguished Name (DN) or User Principal Name (UPN) of the principal will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - dn - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createLDAPPasswordRotation tags: - Secret Rotations description: Create a LDAP Password Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the LDAP Password Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the LDAP Password Rotation. connectionId: type: string format: uuid description: The ID of the LDAP Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - connection-principal - target-principal description: Whether the rotation should be performed by the LDAP "connection-principal" or the "target-principal" (defaults to 'connection-principal'). required: - dn additionalProperties: false secretsMapping: type: object properties: dn: type: string minLength: 1 description: The name of the secret that the Distinguished Name (DN) or User Principal Name (UPN) of the principal will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - dn - password additionalProperties: false temporaryParameters: type: object properties: password: type: string minLength: 1 description: The password of the provided principal if "parameters.rotationMethod" is set to "target-principal". required: - password additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ldap name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - ldap-password parameters: type: object properties: dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - connection-principal - target-principal description: Whether the rotation should be performed by the LDAP "connection-principal" or the "target-principal" (defaults to 'connection-principal'). required: - dn additionalProperties: false secretsMapping: type: object properties: dn: type: string minLength: 1 description: The name of the secret that the Distinguished Name (DN) or User Principal Name (UPN) of the principal will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - dn - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/ldap-password/{rotationId}: get: operationId: getLDAPPasswordRotation tags: - Secret Rotations description: Get the specified LDAP Password Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the LDAP Password Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ldap name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - ldap-password parameters: type: object properties: dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - connection-principal - target-principal description: Whether the rotation should be performed by the LDAP "connection-principal" or the "target-principal" (defaults to 'connection-principal'). required: - dn additionalProperties: false secretsMapping: type: object properties: dn: type: string minLength: 1 description: The name of the secret that the Distinguished Name (DN) or User Principal Name (UPN) of the principal will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - dn - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateLDAPPasswordRotation tags: - Secret Rotations description: Update the specified LDAP Password Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the LDAP Password Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the LDAP Password Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - connection-principal - target-principal description: Whether the rotation should be performed by the LDAP "connection-principal" or the "target-principal" (defaults to 'connection-principal'). required: - dn additionalProperties: false secretsMapping: type: object properties: dn: type: string minLength: 1 description: The name of the secret that the Distinguished Name (DN) or User Principal Name (UPN) of the principal will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - dn - password additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the LDAP Password Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ldap name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - ldap-password parameters: type: object properties: dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - connection-principal - target-principal description: Whether the rotation should be performed by the LDAP "connection-principal" or the "target-principal" (defaults to 'connection-principal'). required: - dn additionalProperties: false secretsMapping: type: object properties: dn: type: string minLength: 1 description: The name of the secret that the Distinguished Name (DN) or User Principal Name (UPN) of the principal will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - dn - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteLDAPPasswordRotation tags: - Secret Rotations description: Delete the specified LDAP Password Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the LDAP Password Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ldap name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - ldap-password parameters: type: object properties: dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - connection-principal - target-principal description: Whether the rotation should be performed by the LDAP "connection-principal" or the "target-principal" (defaults to 'connection-principal'). required: - dn additionalProperties: false secretsMapping: type: object properties: dn: type: string minLength: 1 description: The name of the secret that the Distinguished Name (DN) or User Principal Name (UPN) of the principal will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - dn - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/ldap-password/rotation-name/{rotationName}: get: operationId: getLDAPPasswordRotationByName tags: - Secret Rotations description: Get the specified LDAP Password Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the LDAP Password Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the LDAP Password Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the LDAP Password Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the LDAP Password Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ldap name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - ldap-password parameters: type: object properties: dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - connection-principal - target-principal description: Whether the rotation should be performed by the LDAP "connection-principal" or the "target-principal" (defaults to 'connection-principal'). required: - dn additionalProperties: false secretsMapping: type: object properties: dn: type: string minLength: 1 description: The name of the secret that the Distinguished Name (DN) or User Principal Name (UPN) of the principal will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - dn - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/ldap-password/{rotationId}/generated-credentials: get: operationId: getLDAPPasswordRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified LDAP Password Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the LDAP Password Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: dn: type: string password: type: string required: - dn - password additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - ldap-password required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/ldap-password/{rotationId}/move: post: operationId: moveLDAPPasswordRotation tags: - Secret Rotations description: Move the specified LDAP Password Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the LDAP Password Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ldap name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - ldap-password parameters: type: object properties: dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - connection-principal - target-principal description: Whether the rotation should be performed by the LDAP "connection-principal" or the "target-principal" (defaults to 'connection-principal'). required: - dn additionalProperties: false secretsMapping: type: object properties: dn: type: string minLength: 1 description: The name of the secret that the Distinguished Name (DN) or User Principal Name (UPN) of the principal will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - dn - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/ldap-password/{rotationId}/rotate-secrets: post: operationId: rotateLDAPPasswordRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified LDAP Password Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the LDAP Password Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ldap name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - ldap-password parameters: type: object properties: dn: type: string minLength: 1 description: The Distinguished Name (DN) or User Principal Name (UPN) of the principal to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - connection-principal - target-principal description: Whether the rotation should be performed by the LDAP "connection-principal" or the "target-principal" (defaults to 'connection-principal'). required: - dn additionalProperties: false secretsMapping: type: object properties: dn: type: string minLength: 1 description: The name of the secret that the Distinguished Name (DN) or User Principal Name (UPN) of the principal will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - dn - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/ldap-password/{rotationId}/check-credentials: post: operationId: checkLDAPPasswordRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified LDAP Password Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the LDAP Password Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/okta-client-secret: get: operationId: listOktaClientSecretRotations tags: - Secret Rotations description: List the Okta Client Secret Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Okta Client Secret Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - okta name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - okta-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The ID of the Okta Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createOktaClientSecretRotation tags: - Secret Rotations description: Create an Okta Client Secret Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Okta Client Secret Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the Okta Client Secret Rotation. connectionId: type: string format: uuid description: The ID of the Okta Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: clientId: type: string minLength: 1 description: The ID of the Okta Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - okta name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - okta-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The ID of the Okta Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/okta-client-secret/{rotationId}: get: operationId: getOktaClientSecretRotation tags: - Secret Rotations description: Get the specified Okta Client Secret Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Okta Client Secret Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - okta name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - okta-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The ID of the Okta Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOktaClientSecretRotation tags: - Secret Rotations description: Update the specified Okta Client Secret Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Okta Client Secret Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Okta Client Secret Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: clientId: type: string minLength: 1 description: The ID of the Okta Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Okta Client Secret Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - okta name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - okta-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The ID of the Okta Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOktaClientSecretRotation tags: - Secret Rotations description: Delete the specified Okta Client Secret Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Okta Client Secret Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - okta name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - okta-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The ID of the Okta Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/okta-client-secret/rotation-name/{rotationName}: get: operationId: getOktaClientSecretRotationByName tags: - Secret Rotations description: Get the specified Okta Client Secret Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Okta Client Secret Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the Okta Client Secret Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the Okta Client Secret Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the Okta Client Secret Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - okta name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - okta-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The ID of the Okta Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/okta-client-secret/{rotationId}/generated-credentials: get: operationId: getOktaClientSecretRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified Okta Client Secret Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Okta Client Secret Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: clientId: type: string clientSecret: type: string secretId: type: string required: - clientId - clientSecret - secretId additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - okta-client-secret required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/okta-client-secret/{rotationId}/move: post: operationId: moveOktaClientSecretRotation tags: - Secret Rotations description: Move the specified Okta Client Secret Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Okta Client Secret Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - okta name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - okta-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The ID of the Okta Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/okta-client-secret/{rotationId}/rotate-secrets: post: operationId: rotateOktaClientSecretRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified Okta Client Secret Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Okta Client Secret Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - okta name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - okta-client-secret parameters: type: object properties: clientId: type: string minLength: 1 description: The ID of the Okta Application to rotate the client secret for. required: - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/okta-client-secret/{rotationId}/check-credentials: post: operationId: checkOktaClientSecretRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified Okta Client Secret Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Okta Client Secret Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/redis-credentials: get: operationId: listRedisCredentialsRotations tags: - Secret Rotations description: List the Redis Credentials Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Redis Credentials Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - redis name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - redis-credentials parameters: type: object properties: passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. permissionScope: type: string minLength: 1 description: The ACL permission scope to assign to the issued Redis users. required: - permissionScope additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createRedisCredentialsRotation tags: - Secret Rotations description: Create a Redis Credentials Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Redis Credentials Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the Redis Credentials Rotation. connectionId: type: string format: uuid description: The ID of the Redis Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. permissionScope: type: string minLength: 1 description: The ACL permission scope to assign to the issued Redis users. required: - permissionScope additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - redis name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - redis-credentials parameters: type: object properties: passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. permissionScope: type: string minLength: 1 description: The ACL permission scope to assign to the issued Redis users. required: - permissionScope additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/redis-credentials/{rotationId}: get: operationId: getRedisCredentialsRotation tags: - Secret Rotations description: Get the specified Redis Credentials Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Redis Credentials Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - redis name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - redis-credentials parameters: type: object properties: passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. permissionScope: type: string minLength: 1 description: The ACL permission scope to assign to the issued Redis users. required: - permissionScope additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateRedisCredentialsRotation tags: - Secret Rotations description: Update the specified Redis Credentials Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Redis Credentials Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Redis Credentials Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. permissionScope: type: string minLength: 1 description: The ACL permission scope to assign to the issued Redis users. required: - permissionScope additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Redis Credentials Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - redis name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - redis-credentials parameters: type: object properties: passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. permissionScope: type: string minLength: 1 description: The ACL permission scope to assign to the issued Redis users. required: - permissionScope additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteRedisCredentialsRotation tags: - Secret Rotations description: Delete the specified Redis Credentials Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Redis Credentials Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - redis name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - redis-credentials parameters: type: object properties: passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. permissionScope: type: string minLength: 1 description: The ACL permission scope to assign to the issued Redis users. required: - permissionScope additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/redis-credentials/rotation-name/{rotationName}: get: operationId: getRedisCredentialsRotationByName tags: - Secret Rotations description: Get the specified Redis Credentials Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Redis Credentials Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the Redis Credentials Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the Redis Credentials Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the Redis Credentials Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - redis name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - redis-credentials parameters: type: object properties: passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. permissionScope: type: string minLength: 1 description: The ACL permission scope to assign to the issued Redis users. required: - permissionScope additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/redis-credentials/{rotationId}/generated-credentials: get: operationId: getRedisCredentialsRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified Redis Credentials Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Redis Credentials Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - redis-credentials required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/redis-credentials/{rotationId}/move: post: operationId: moveRedisCredentialsRotation tags: - Secret Rotations description: Move the specified Redis Credentials Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Redis Credentials Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - redis name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - redis-credentials parameters: type: object properties: passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. permissionScope: type: string minLength: 1 description: The ACL permission scope to assign to the issued Redis users. required: - permissionScope additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/redis-credentials/{rotationId}/rotate-secrets: post: operationId: rotateRedisCredentialsRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified Redis Credentials Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Redis Credentials Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - redis name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - redis-credentials parameters: type: object properties: passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. permissionScope: type: string minLength: 1 description: The ACL permission scope to assign to the issued Redis users. required: - permissionScope additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/redis-credentials/{rotationId}/check-credentials: post: operationId: checkRedisCredentialsRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified Redis Credentials Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Redis Credentials Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mongodb-credentials: get: operationId: listMongoDBCredentialsRotations tags: - Secret Rotations description: List the MongoDB Credentials Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list MongoDB Credentials Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mongodb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mongodb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createMongoDBCredentialsRotation tags: - Secret Rotations description: Create a MongoDB Credentials Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the MongoDB Credentials Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the MongoDB Credentials Rotation. connectionId: type: string format: uuid description: The ID of the MongoDB Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mongodb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mongodb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mongodb-credentials/{rotationId}: get: operationId: getMongoDBCredentialsRotation tags: - Secret Rotations description: Get the specified MongoDB Credentials Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the MongoDB Credentials Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mongodb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mongodb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateMongoDBCredentialsRotation tags: - Secret Rotations description: Update the specified MongoDB Credentials Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the MongoDB Credentials Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the MongoDB Credentials Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the MongoDB Credentials Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mongodb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mongodb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteMongoDBCredentialsRotation tags: - Secret Rotations description: Delete the specified MongoDB Credentials Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the MongoDB Credentials Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mongodb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mongodb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mongodb-credentials/rotation-name/{rotationName}: get: operationId: getMongoDBCredentialsRotationByName tags: - Secret Rotations description: Get the specified MongoDB Credentials Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the MongoDB Credentials Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the MongoDB Credentials Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the MongoDB Credentials Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the MongoDB Credentials Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mongodb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mongodb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mongodb-credentials/{rotationId}/generated-credentials: get: operationId: getMongoDBCredentialsRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified MongoDB Credentials Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the MongoDB Credentials Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - mongodb-credentials required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mongodb-credentials/{rotationId}/move: post: operationId: moveMongoDBCredentialsRotation tags: - Secret Rotations description: Move the specified MongoDB Credentials Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the MongoDB Credentials Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mongodb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mongodb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mongodb-credentials/{rotationId}/rotate-secrets: post: operationId: rotateMongoDBCredentialsRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified MongoDB Credentials Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the MongoDB Credentials Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - mongodb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - mongodb-credentials parameters: type: object properties: username1: type: string minLength: 1 description: The username of the first login to rotate passwords for. This user must already exists in your database. username2: type: string minLength: 1 description: The username of the second login to rotate passwords for. This user must already exists in your database. required: - username1 - username2 additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the active username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the generated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/mongodb-credentials/{rotationId}/check-credentials: post: operationId: checkMongoDBCredentialsRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified MongoDB Credentials Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the MongoDB Credentials Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/databricks-service-principal-secret: get: operationId: listDatabricksServicePrincipalSecretRotations tags: - Secret Rotations description: List the Databricks Service Principal Secret Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Databricks Service Principal Secret Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - databricks-service-principal-secret parameters: type: object properties: servicePrincipalId: type: string minLength: 1 description: The ID of the Databricks Service Principal to rotate the OAuth secret for. servicePrincipalName: type: string description: The name of the Databricks Service Principal to rotate the OAuth secret for. clientId: type: string minLength: 1 description: The client ID of the Databricks Service Principal to rotate the OAuth secret for. required: - servicePrincipalId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated OAuth client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createDatabricksServicePrincipalSecretRotation tags: - Secret Rotations description: Create a Databricks Service Principal Secret Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Databricks Service Principal Secret Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the Databricks Service Principal Secret Rotation. connectionId: type: string format: uuid description: The ID of the Databricks Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: servicePrincipalId: type: string minLength: 1 description: The ID of the Databricks Service Principal to rotate the OAuth secret for. servicePrincipalName: type: string description: The name of the Databricks Service Principal to rotate the OAuth secret for. clientId: type: string minLength: 1 description: The client ID of the Databricks Service Principal to rotate the OAuth secret for. required: - servicePrincipalId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated OAuth client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - databricks-service-principal-secret parameters: type: object properties: servicePrincipalId: type: string minLength: 1 description: The ID of the Databricks Service Principal to rotate the OAuth secret for. servicePrincipalName: type: string description: The name of the Databricks Service Principal to rotate the OAuth secret for. clientId: type: string minLength: 1 description: The client ID of the Databricks Service Principal to rotate the OAuth secret for. required: - servicePrincipalId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated OAuth client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/databricks-service-principal-secret/{rotationId}: get: operationId: getDatabricksServicePrincipalSecretRotation tags: - Secret Rotations description: Get the specified Databricks Service Principal Secret Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Databricks Service Principal Secret Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - databricks-service-principal-secret parameters: type: object properties: servicePrincipalId: type: string minLength: 1 description: The ID of the Databricks Service Principal to rotate the OAuth secret for. servicePrincipalName: type: string description: The name of the Databricks Service Principal to rotate the OAuth secret for. clientId: type: string minLength: 1 description: The client ID of the Databricks Service Principal to rotate the OAuth secret for. required: - servicePrincipalId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated OAuth client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateDatabricksServicePrincipalSecretRotation tags: - Secret Rotations description: Update the specified Databricks Service Principal Secret Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Databricks Service Principal Secret Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Databricks Service Principal Secret Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: servicePrincipalId: type: string minLength: 1 description: The ID of the Databricks Service Principal to rotate the OAuth secret for. servicePrincipalName: type: string description: The name of the Databricks Service Principal to rotate the OAuth secret for. clientId: type: string minLength: 1 description: The client ID of the Databricks Service Principal to rotate the OAuth secret for. required: - servicePrincipalId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated OAuth client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Databricks Service Principal Secret Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - databricks-service-principal-secret parameters: type: object properties: servicePrincipalId: type: string minLength: 1 description: The ID of the Databricks Service Principal to rotate the OAuth secret for. servicePrincipalName: type: string description: The name of the Databricks Service Principal to rotate the OAuth secret for. clientId: type: string minLength: 1 description: The client ID of the Databricks Service Principal to rotate the OAuth secret for. required: - servicePrincipalId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated OAuth client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteDatabricksServicePrincipalSecretRotation tags: - Secret Rotations description: Delete the specified Databricks Service Principal Secret Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Databricks Service Principal Secret Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - databricks-service-principal-secret parameters: type: object properties: servicePrincipalId: type: string minLength: 1 description: The ID of the Databricks Service Principal to rotate the OAuth secret for. servicePrincipalName: type: string description: The name of the Databricks Service Principal to rotate the OAuth secret for. clientId: type: string minLength: 1 description: The client ID of the Databricks Service Principal to rotate the OAuth secret for. required: - servicePrincipalId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated OAuth client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/databricks-service-principal-secret/rotation-name/{rotationName}: get: operationId: getDatabricksServicePrincipalSecretRotationByName tags: - Secret Rotations description: Get the specified Databricks Service Principal Secret Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Databricks Service Principal Secret Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the Databricks Service Principal Secret Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the Databricks Service Principal Secret Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the Databricks Service Principal Secret Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - databricks-service-principal-secret parameters: type: object properties: servicePrincipalId: type: string minLength: 1 description: The ID of the Databricks Service Principal to rotate the OAuth secret for. servicePrincipalName: type: string description: The name of the Databricks Service Principal to rotate the OAuth secret for. clientId: type: string minLength: 1 description: The client ID of the Databricks Service Principal to rotate the OAuth secret for. required: - servicePrincipalId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated OAuth client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/databricks-service-principal-secret/{rotationId}/generated-credentials: get: operationId: getDatabricksServicePrincipalSecretRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified Databricks Service Principal Secret Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Databricks Service Principal Secret Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: clientId: type: string clientSecret: type: string secretId: type: string required: - clientId - clientSecret - secretId additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - databricks-service-principal-secret required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/databricks-service-principal-secret/{rotationId}/move: post: operationId: moveDatabricksServicePrincipalSecretRotation tags: - Secret Rotations description: Move the specified Databricks Service Principal Secret Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Databricks Service Principal Secret Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - databricks-service-principal-secret parameters: type: object properties: servicePrincipalId: type: string minLength: 1 description: The ID of the Databricks Service Principal to rotate the OAuth secret for. servicePrincipalName: type: string description: The name of the Databricks Service Principal to rotate the OAuth secret for. clientId: type: string minLength: 1 description: The client ID of the Databricks Service Principal to rotate the OAuth secret for. required: - servicePrincipalId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated OAuth client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/databricks-service-principal-secret/{rotationId}/rotate-secrets: post: operationId: rotateDatabricksServicePrincipalSecretRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified Databricks Service Principal Secret Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Databricks Service Principal Secret Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - databricks name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - databricks-service-principal-secret parameters: type: object properties: servicePrincipalId: type: string minLength: 1 description: The ID of the Databricks Service Principal to rotate the OAuth secret for. servicePrincipalName: type: string description: The name of the Databricks Service Principal to rotate the OAuth secret for. clientId: type: string minLength: 1 description: The client ID of the Databricks Service Principal to rotate the OAuth secret for. required: - servicePrincipalId - clientId additionalProperties: false secretsMapping: type: object properties: clientId: type: string minLength: 1 description: The name of the secret that the client ID will be mapped to. clientSecret: type: string minLength: 1 description: The name of the secret that the rotated OAuth client secret will be mapped to. required: - clientId - clientSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/databricks-service-principal-secret/{rotationId}/check-credentials: post: operationId: checkDatabricksServicePrincipalSecretRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified Databricks Service Principal Secret Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Databricks Service Principal Secret Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/unix-linux-local-account: get: operationId: listUnix/LinuxLocalAccountRotations tags: - Secret Rotations description: List the Unix/Linux Local Account Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Unix/Linux Local Account Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - unix-linux-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the Unix/Linux user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". useSudo: type: boolean default: true description: If true, uses sudo when executing the password rotation command. Defaults to false. required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createUnix/LinuxLocalAccountRotation tags: - Secret Rotations description: Create an Unix/Linux Local Account Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Unix/Linux Local Account Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the Unix/Linux Local Account Rotation. connectionId: type: string format: uuid description: The ID of the SSH Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: username: type: string minLength: 1 description: The username of the Unix/Linux user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". useSudo: type: boolean default: true description: If true, uses sudo when executing the password rotation command. Defaults to false. required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false temporaryParameters: type: object properties: password: type: string description: The current password of the target user. Required if "parameters.rotationMethod" is set to "login-as-target". additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - unix-linux-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the Unix/Linux user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". useSudo: type: boolean default: true description: If true, uses sudo when executing the password rotation command. Defaults to false. required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/unix-linux-local-account/{rotationId}: get: operationId: getUnix/LinuxLocalAccountRotation tags: - Secret Rotations description: Get the specified Unix/Linux Local Account Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Unix/Linux Local Account Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - unix-linux-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the Unix/Linux user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". useSudo: type: boolean default: true description: If true, uses sudo when executing the password rotation command. Defaults to false. required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateUnix/LinuxLocalAccountRotation tags: - Secret Rotations description: Update the specified Unix/Linux Local Account Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Unix/Linux Local Account Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Unix/Linux Local Account Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: username: type: string minLength: 1 description: The username of the Unix/Linux user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". useSudo: type: boolean default: true description: If true, uses sudo when executing the password rotation command. Defaults to false. required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Unix/Linux Local Account Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - unix-linux-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the Unix/Linux user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". useSudo: type: boolean default: true description: If true, uses sudo when executing the password rotation command. Defaults to false. required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteUnix/LinuxLocalAccountRotation tags: - Secret Rotations description: Delete the specified Unix/Linux Local Account Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Unix/Linux Local Account Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - unix-linux-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the Unix/Linux user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". useSudo: type: boolean default: true description: If true, uses sudo when executing the password rotation command. Defaults to false. required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/unix-linux-local-account/rotation-name/{rotationName}: get: operationId: getUnix/LinuxLocalAccountRotationByName tags: - Secret Rotations description: Get the specified Unix/Linux Local Account Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Unix/Linux Local Account Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the Unix/Linux Local Account Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the Unix/Linux Local Account Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the Unix/Linux Local Account Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - unix-linux-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the Unix/Linux user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". useSudo: type: boolean default: true description: If true, uses sudo when executing the password rotation command. Defaults to false. required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/unix-linux-local-account/{rotationId}/generated-credentials: get: operationId: getUnix/LinuxLocalAccountRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified Unix/Linux Local Account Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Unix/Linux Local Account Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - unix-linux-local-account required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/unix-linux-local-account/{rotationId}/move: post: operationId: moveUnix/LinuxLocalAccountRotation tags: - Secret Rotations description: Move the specified Unix/Linux Local Account Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Unix/Linux Local Account Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - unix-linux-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the Unix/Linux user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". useSudo: type: boolean default: true description: If true, uses sudo when executing the password rotation command. Defaults to false. required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/unix-linux-local-account/{rotationId}/rotate-secrets: post: operationId: rotateUnix/LinuxLocalAccountRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified Unix/Linux Local Account Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Unix/Linux Local Account Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - unix-linux-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the Unix/Linux user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". useSudo: type: boolean default: true description: If true, uses sudo when executing the password rotation command. Defaults to false. required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/unix-linux-local-account/{rotationId}/check-credentials: post: operationId: checkUnix/LinuxLocalAccountRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified Unix/Linux Local Account Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Unix/Linux Local Account Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/unix-linux-local-account/{rotationId}/reconcile: post: tags: - Secret Rotations description: Reconcile Unix/Linux Local Account rotation credentials. This operation uses the SSH app connection credentials to reset the password when credentials are out of sync. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the SSH Password Rotation to reconcile credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string reconciled: type: boolean secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - unix-linux-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the Unix/Linux user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". useSudo: type: boolean default: true description: If true, uses sudo when executing the password rotation command. Defaults to false. required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - message - reconciled - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/dbt-service-token: get: operationId: listDBTServiceTokenRotations tags: - Secret Rotations description: List the DBT Service Token Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list DBT Service Token Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - dbt name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - dbt-service-token parameters: type: object properties: tokenName: type: string minLength: 1 maxLength: 255 description: The name of the service token to create. permissionGrants: type: array items: type: object properties: permissionSet: type: string enum: - account_admin - account_viewer - admin - analyst - billing_admin - cost_insights_admin - cost_insights_viewer - cost_management_admin - cost_management_viewer - database_admin - developer - fusion_admin - git_admin - job_admin - job_runner - job_viewer - manage_marketplace_apps - member - metadata_only - owner - project_creator - readonly - scim_only - security_admin - semantic_layer_only - stakeholder - team_admin - webhooks_only projectId: type: number required: - permissionSet additionalProperties: false minItems: 1 description: The permission grants to apply to the service token. required: - tokenName - permissionGrants additionalProperties: false secretsMapping: type: object properties: serviceToken: type: string minLength: 1 description: The name of the secret that the service token will be mapped to. required: - serviceToken additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createDBTServiceTokenRotation tags: - Secret Rotations description: Create a DBT Service Token Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the DBT Service Token Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the DBT Service Token Rotation. connectionId: type: string format: uuid description: The ID of the DBT Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: tokenName: type: string minLength: 1 maxLength: 255 description: The name of the service token to create. permissionGrants: type: array items: type: object properties: permissionSet: type: string enum: - account_admin - account_viewer - admin - analyst - billing_admin - cost_insights_admin - cost_insights_viewer - cost_management_admin - cost_management_viewer - database_admin - developer - fusion_admin - git_admin - job_admin - job_runner - job_viewer - manage_marketplace_apps - member - metadata_only - owner - project_creator - readonly - scim_only - security_admin - semantic_layer_only - stakeholder - team_admin - webhooks_only projectId: type: number required: - permissionSet additionalProperties: false minItems: 1 description: The permission grants to apply to the service token. required: - tokenName - permissionGrants additionalProperties: false secretsMapping: type: object properties: serviceToken: type: string minLength: 1 description: The name of the secret that the service token will be mapped to. required: - serviceToken additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - dbt name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - dbt-service-token parameters: type: object properties: tokenName: type: string minLength: 1 maxLength: 255 description: The name of the service token to create. permissionGrants: type: array items: type: object properties: permissionSet: type: string enum: - account_admin - account_viewer - admin - analyst - billing_admin - cost_insights_admin - cost_insights_viewer - cost_management_admin - cost_management_viewer - database_admin - developer - fusion_admin - git_admin - job_admin - job_runner - job_viewer - manage_marketplace_apps - member - metadata_only - owner - project_creator - readonly - scim_only - security_admin - semantic_layer_only - stakeholder - team_admin - webhooks_only projectId: type: number required: - permissionSet additionalProperties: false minItems: 1 description: The permission grants to apply to the service token. required: - tokenName - permissionGrants additionalProperties: false secretsMapping: type: object properties: serviceToken: type: string minLength: 1 description: The name of the secret that the service token will be mapped to. required: - serviceToken additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/dbt-service-token/{rotationId}: get: operationId: getDBTServiceTokenRotation tags: - Secret Rotations description: Get the specified DBT Service Token Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the DBT Service Token Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - dbt name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - dbt-service-token parameters: type: object properties: tokenName: type: string minLength: 1 maxLength: 255 description: The name of the service token to create. permissionGrants: type: array items: type: object properties: permissionSet: type: string enum: - account_admin - account_viewer - admin - analyst - billing_admin - cost_insights_admin - cost_insights_viewer - cost_management_admin - cost_management_viewer - database_admin - developer - fusion_admin - git_admin - job_admin - job_runner - job_viewer - manage_marketplace_apps - member - metadata_only - owner - project_creator - readonly - scim_only - security_admin - semantic_layer_only - stakeholder - team_admin - webhooks_only projectId: type: number required: - permissionSet additionalProperties: false minItems: 1 description: The permission grants to apply to the service token. required: - tokenName - permissionGrants additionalProperties: false secretsMapping: type: object properties: serviceToken: type: string minLength: 1 description: The name of the secret that the service token will be mapped to. required: - serviceToken additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateDBTServiceTokenRotation tags: - Secret Rotations description: Update the specified DBT Service Token Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the DBT Service Token Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the DBT Service Token Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: tokenName: type: string minLength: 1 maxLength: 255 description: The name of the service token to create. permissionGrants: type: array items: type: object properties: permissionSet: type: string enum: - account_admin - account_viewer - admin - analyst - billing_admin - cost_insights_admin - cost_insights_viewer - cost_management_admin - cost_management_viewer - database_admin - developer - fusion_admin - git_admin - job_admin - job_runner - job_viewer - manage_marketplace_apps - member - metadata_only - owner - project_creator - readonly - scim_only - security_admin - semantic_layer_only - stakeholder - team_admin - webhooks_only projectId: type: number required: - permissionSet additionalProperties: false minItems: 1 description: The permission grants to apply to the service token. required: - tokenName - permissionGrants additionalProperties: false secretsMapping: type: object properties: serviceToken: type: string minLength: 1 description: The name of the secret that the service token will be mapped to. required: - serviceToken additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the DBT Service Token Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - dbt name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - dbt-service-token parameters: type: object properties: tokenName: type: string minLength: 1 maxLength: 255 description: The name of the service token to create. permissionGrants: type: array items: type: object properties: permissionSet: type: string enum: - account_admin - account_viewer - admin - analyst - billing_admin - cost_insights_admin - cost_insights_viewer - cost_management_admin - cost_management_viewer - database_admin - developer - fusion_admin - git_admin - job_admin - job_runner - job_viewer - manage_marketplace_apps - member - metadata_only - owner - project_creator - readonly - scim_only - security_admin - semantic_layer_only - stakeholder - team_admin - webhooks_only projectId: type: number required: - permissionSet additionalProperties: false minItems: 1 description: The permission grants to apply to the service token. required: - tokenName - permissionGrants additionalProperties: false secretsMapping: type: object properties: serviceToken: type: string minLength: 1 description: The name of the secret that the service token will be mapped to. required: - serviceToken additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteDBTServiceTokenRotation tags: - Secret Rotations description: Delete the specified DBT Service Token Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the DBT Service Token Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - dbt name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - dbt-service-token parameters: type: object properties: tokenName: type: string minLength: 1 maxLength: 255 description: The name of the service token to create. permissionGrants: type: array items: type: object properties: permissionSet: type: string enum: - account_admin - account_viewer - admin - analyst - billing_admin - cost_insights_admin - cost_insights_viewer - cost_management_admin - cost_management_viewer - database_admin - developer - fusion_admin - git_admin - job_admin - job_runner - job_viewer - manage_marketplace_apps - member - metadata_only - owner - project_creator - readonly - scim_only - security_admin - semantic_layer_only - stakeholder - team_admin - webhooks_only projectId: type: number required: - permissionSet additionalProperties: false minItems: 1 description: The permission grants to apply to the service token. required: - tokenName - permissionGrants additionalProperties: false secretsMapping: type: object properties: serviceToken: type: string minLength: 1 description: The name of the secret that the service token will be mapped to. required: - serviceToken additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/dbt-service-token/rotation-name/{rotationName}: get: operationId: getDBTServiceTokenRotationByName tags: - Secret Rotations description: Get the specified DBT Service Token Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the DBT Service Token Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the DBT Service Token Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the DBT Service Token Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the DBT Service Token Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - dbt name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - dbt-service-token parameters: type: object properties: tokenName: type: string minLength: 1 maxLength: 255 description: The name of the service token to create. permissionGrants: type: array items: type: object properties: permissionSet: type: string enum: - account_admin - account_viewer - admin - analyst - billing_admin - cost_insights_admin - cost_insights_viewer - cost_management_admin - cost_management_viewer - database_admin - developer - fusion_admin - git_admin - job_admin - job_runner - job_viewer - manage_marketplace_apps - member - metadata_only - owner - project_creator - readonly - scim_only - security_admin - semantic_layer_only - stakeholder - team_admin - webhooks_only projectId: type: number required: - permissionSet additionalProperties: false minItems: 1 description: The permission grants to apply to the service token. required: - tokenName - permissionGrants additionalProperties: false secretsMapping: type: object properties: serviceToken: type: string minLength: 1 description: The name of the secret that the service token will be mapped to. required: - serviceToken additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/dbt-service-token/{rotationId}/generated-credentials: get: operationId: getDBTServiceTokenRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified DBT Service Token Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the DBT Service Token Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: serviceToken: type: string tokenId: type: number tokenName: type: string required: - serviceToken - tokenId - tokenName additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - dbt-service-token required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/dbt-service-token/{rotationId}/move: post: operationId: moveDBTServiceTokenRotation tags: - Secret Rotations description: Move the specified DBT Service Token Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the DBT Service Token Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - dbt name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - dbt-service-token parameters: type: object properties: tokenName: type: string minLength: 1 maxLength: 255 description: The name of the service token to create. permissionGrants: type: array items: type: object properties: permissionSet: type: string enum: - account_admin - account_viewer - admin - analyst - billing_admin - cost_insights_admin - cost_insights_viewer - cost_management_admin - cost_management_viewer - database_admin - developer - fusion_admin - git_admin - job_admin - job_runner - job_viewer - manage_marketplace_apps - member - metadata_only - owner - project_creator - readonly - scim_only - security_admin - semantic_layer_only - stakeholder - team_admin - webhooks_only projectId: type: number required: - permissionSet additionalProperties: false minItems: 1 description: The permission grants to apply to the service token. required: - tokenName - permissionGrants additionalProperties: false secretsMapping: type: object properties: serviceToken: type: string minLength: 1 description: The name of the secret that the service token will be mapped to. required: - serviceToken additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/dbt-service-token/{rotationId}/rotate-secrets: post: operationId: rotateDBTServiceTokenRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified DBT Service Token Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the DBT Service Token Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - dbt name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - dbt-service-token parameters: type: object properties: tokenName: type: string minLength: 1 maxLength: 255 description: The name of the service token to create. permissionGrants: type: array items: type: object properties: permissionSet: type: string enum: - account_admin - account_viewer - admin - analyst - billing_admin - cost_insights_admin - cost_insights_viewer - cost_management_admin - cost_management_viewer - database_admin - developer - fusion_admin - git_admin - job_admin - job_runner - job_viewer - manage_marketplace_apps - member - metadata_only - owner - project_creator - readonly - scim_only - security_admin - semantic_layer_only - stakeholder - team_admin - webhooks_only projectId: type: number required: - permissionSet additionalProperties: false minItems: 1 description: The permission grants to apply to the service token. required: - tokenName - permissionGrants additionalProperties: false secretsMapping: type: object properties: serviceToken: type: string minLength: 1 description: The name of the secret that the service token will be mapped to. required: - serviceToken additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/dbt-service-token/{rotationId}/check-credentials: post: operationId: checkDBTServiceTokenRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified DBT Service Token Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the DBT Service Token Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/windows-local-account: get: operationId: listWindowsLocalAccountRotations tags: - Secret Rotations description: List the Windows Local Account Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Windows Local Account Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - smb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - windows-local-account parameters: type: object properties: username: type: string minLength: 1 maxLength: 20 description: The username of the Windows user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createWindowsLocalAccountRotation tags: - Secret Rotations description: Create a Windows Local Account Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Windows Local Account Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the Windows Local Account Rotation. connectionId: type: string format: uuid description: The ID of the SMB Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: username: type: string minLength: 1 maxLength: 20 description: The username of the Windows user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false temporaryParameters: type: object properties: password: type: string description: The current password of the target user. Required if "parameters.rotationMethod" is set to "login-as-target". additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - smb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - windows-local-account parameters: type: object properties: username: type: string minLength: 1 maxLength: 20 description: The username of the Windows user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/windows-local-account/{rotationId}: get: operationId: getWindowsLocalAccountRotation tags: - Secret Rotations description: Get the specified Windows Local Account Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Windows Local Account Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - smb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - windows-local-account parameters: type: object properties: username: type: string minLength: 1 maxLength: 20 description: The username of the Windows user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateWindowsLocalAccountRotation tags: - Secret Rotations description: Update the specified Windows Local Account Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Windows Local Account Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Windows Local Account Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: username: type: string minLength: 1 maxLength: 20 description: The username of the Windows user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Windows Local Account Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - smb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - windows-local-account parameters: type: object properties: username: type: string minLength: 1 maxLength: 20 description: The username of the Windows user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteWindowsLocalAccountRotation tags: - Secret Rotations description: Delete the specified Windows Local Account Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Windows Local Account Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - smb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - windows-local-account parameters: type: object properties: username: type: string minLength: 1 maxLength: 20 description: The username of the Windows user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/windows-local-account/rotation-name/{rotationName}: get: operationId: getWindowsLocalAccountRotationByName tags: - Secret Rotations description: Get the specified Windows Local Account Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Windows Local Account Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the Windows Local Account Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the Windows Local Account Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the Windows Local Account Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - smb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - windows-local-account parameters: type: object properties: username: type: string minLength: 1 maxLength: 20 description: The username of the Windows user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/windows-local-account/{rotationId}/generated-credentials: get: operationId: getWindowsLocalAccountRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified Windows Local Account Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Windows Local Account Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - windows-local-account required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/windows-local-account/{rotationId}/move: post: operationId: moveWindowsLocalAccountRotation tags: - Secret Rotations description: Move the specified Windows Local Account Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Windows Local Account Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - smb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - windows-local-account parameters: type: object properties: username: type: string minLength: 1 maxLength: 20 description: The username of the Windows user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/windows-local-account/{rotationId}/rotate-secrets: post: operationId: rotateWindowsLocalAccountRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified Windows Local Account Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Windows Local Account Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - smb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - windows-local-account parameters: type: object properties: username: type: string minLength: 1 maxLength: 20 description: The username of the Windows user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/windows-local-account/{rotationId}/check-credentials: post: operationId: checkWindowsLocalAccountRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified Windows Local Account Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Windows Local Account Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/windows-local-account/{rotationId}/reconcile: post: tags: - Secret Rotations description: Reconcile Windows Local Account rotation credentials. This operation uses the Windows App Connection's administrator credentials to reset the password when credentials are out of sync. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the SSH Password Rotation to reconcile credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string reconciled: type: boolean secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - smb name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - windows-local-account parameters: type: object properties: username: type: string minLength: 1 maxLength: 20 description: The username of the Windows user account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-target". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - message - reconciled - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/open-router-api-key: get: operationId: listOpenRouterAPIKeyRotations tags: - Secret Rotations description: List the OpenRouter API Key Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list OpenRouter API Key Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - open-router name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - open-router-api-key parameters: type: object properties: name: type: string minLength: 1 maxLength: 100 description: The name for the generated OpenRouter API key. limit: type: number exclusiveMinimum: true minimum: 0 nullable: true description: The optional spending limit in USD for the generated API key. limitReset: type: string enum: - daily - weekly - monthly nullable: true description: The type of limit reset for the API key (daily, weekly, monthly, or null for no reset). includeByokInLimit: type: boolean nullable: true description: Whether to include BYOK (Bring Your Own Key) usage in the spending limit. When enabled, usage from your own provider keys counts toward this key's limit. See OpenRouter BYOK docs for details. required: - name additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated OpenRouter API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createOpenRouterAPIKeyRotation tags: - Secret Rotations description: Create an OpenRouter API Key Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the OpenRouter API Key Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the OpenRouter API Key Rotation. connectionId: type: string format: uuid description: The ID of the OpenRouter Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: name: type: string minLength: 1 maxLength: 100 description: The name for the generated OpenRouter API key. limit: type: number exclusiveMinimum: true minimum: 0 nullable: true description: The optional spending limit in USD for the generated API key. limitReset: type: string enum: - daily - weekly - monthly nullable: true description: The type of limit reset for the API key (daily, weekly, monthly, or null for no reset). includeByokInLimit: type: boolean nullable: true description: Whether to include BYOK (Bring Your Own Key) usage in the spending limit. When enabled, usage from your own provider keys counts toward this key's limit. See OpenRouter BYOK docs for details. required: - name additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated OpenRouter API key will be mapped to. required: - apiKey additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - open-router name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - open-router-api-key parameters: type: object properties: name: type: string minLength: 1 maxLength: 100 description: The name for the generated OpenRouter API key. limit: type: number exclusiveMinimum: true minimum: 0 nullable: true description: The optional spending limit in USD for the generated API key. limitReset: type: string enum: - daily - weekly - monthly nullable: true description: The type of limit reset for the API key (daily, weekly, monthly, or null for no reset). includeByokInLimit: type: boolean nullable: true description: Whether to include BYOK (Bring Your Own Key) usage in the spending limit. When enabled, usage from your own provider keys counts toward this key's limit. See OpenRouter BYOK docs for details. required: - name additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated OpenRouter API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/open-router-api-key/{rotationId}: get: operationId: getOpenRouterAPIKeyRotation tags: - Secret Rotations description: Get the specified OpenRouter API Key Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the OpenRouter API Key Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - open-router name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - open-router-api-key parameters: type: object properties: name: type: string minLength: 1 maxLength: 100 description: The name for the generated OpenRouter API key. limit: type: number exclusiveMinimum: true minimum: 0 nullable: true description: The optional spending limit in USD for the generated API key. limitReset: type: string enum: - daily - weekly - monthly nullable: true description: The type of limit reset for the API key (daily, weekly, monthly, or null for no reset). includeByokInLimit: type: boolean nullable: true description: Whether to include BYOK (Bring Your Own Key) usage in the spending limit. When enabled, usage from your own provider keys counts toward this key's limit. See OpenRouter BYOK docs for details. required: - name additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated OpenRouter API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateOpenRouterAPIKeyRotation tags: - Secret Rotations description: Update the specified OpenRouter API Key Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the OpenRouter API Key Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the OpenRouter API Key Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: name: type: string minLength: 1 maxLength: 100 description: The name for the generated OpenRouter API key. limit: type: number exclusiveMinimum: true minimum: 0 nullable: true description: The optional spending limit in USD for the generated API key. limitReset: type: string enum: - daily - weekly - monthly nullable: true description: The type of limit reset for the API key (daily, weekly, monthly, or null for no reset). includeByokInLimit: type: boolean nullable: true description: Whether to include BYOK (Bring Your Own Key) usage in the spending limit. When enabled, usage from your own provider keys counts toward this key's limit. See OpenRouter BYOK docs for details. required: - name additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated OpenRouter API key will be mapped to. required: - apiKey additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the OpenRouter API Key Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - open-router name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - open-router-api-key parameters: type: object properties: name: type: string minLength: 1 maxLength: 100 description: The name for the generated OpenRouter API key. limit: type: number exclusiveMinimum: true minimum: 0 nullable: true description: The optional spending limit in USD for the generated API key. limitReset: type: string enum: - daily - weekly - monthly nullable: true description: The type of limit reset for the API key (daily, weekly, monthly, or null for no reset). includeByokInLimit: type: boolean nullable: true description: Whether to include BYOK (Bring Your Own Key) usage in the spending limit. When enabled, usage from your own provider keys counts toward this key's limit. See OpenRouter BYOK docs for details. required: - name additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated OpenRouter API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOpenRouterAPIKeyRotation tags: - Secret Rotations description: Delete the specified OpenRouter API Key Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the OpenRouter API Key Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - open-router name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - open-router-api-key parameters: type: object properties: name: type: string minLength: 1 maxLength: 100 description: The name for the generated OpenRouter API key. limit: type: number exclusiveMinimum: true minimum: 0 nullable: true description: The optional spending limit in USD for the generated API key. limitReset: type: string enum: - daily - weekly - monthly nullable: true description: The type of limit reset for the API key (daily, weekly, monthly, or null for no reset). includeByokInLimit: type: boolean nullable: true description: Whether to include BYOK (Bring Your Own Key) usage in the spending limit. When enabled, usage from your own provider keys counts toward this key's limit. See OpenRouter BYOK docs for details. required: - name additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated OpenRouter API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/open-router-api-key/rotation-name/{rotationName}: get: operationId: getOpenRouterAPIKeyRotationByName tags: - Secret Rotations description: Get the specified OpenRouter API Key Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the OpenRouter API Key Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the OpenRouter API Key Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the OpenRouter API Key Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the OpenRouter API Key Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - open-router name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - open-router-api-key parameters: type: object properties: name: type: string minLength: 1 maxLength: 100 description: The name for the generated OpenRouter API key. limit: type: number exclusiveMinimum: true minimum: 0 nullable: true description: The optional spending limit in USD for the generated API key. limitReset: type: string enum: - daily - weekly - monthly nullable: true description: The type of limit reset for the API key (daily, weekly, monthly, or null for no reset). includeByokInLimit: type: boolean nullable: true description: Whether to include BYOK (Bring Your Own Key) usage in the spending limit. When enabled, usage from your own provider keys counts toward this key's limit. See OpenRouter BYOK docs for details. required: - name additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated OpenRouter API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/open-router-api-key/{rotationId}/generated-credentials: get: operationId: getOpenRouterAPIKeyRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified OpenRouter API Key Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the OpenRouter API Key Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: apiKey: type: string keyHash: type: string required: - apiKey - keyHash additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - open-router-api-key required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/open-router-api-key/{rotationId}/move: post: operationId: moveOpenRouterAPIKeyRotation tags: - Secret Rotations description: Move the specified OpenRouter API Key Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the OpenRouter API Key Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - open-router name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - open-router-api-key parameters: type: object properties: name: type: string minLength: 1 maxLength: 100 description: The name for the generated OpenRouter API key. limit: type: number exclusiveMinimum: true minimum: 0 nullable: true description: The optional spending limit in USD for the generated API key. limitReset: type: string enum: - daily - weekly - monthly nullable: true description: The type of limit reset for the API key (daily, weekly, monthly, or null for no reset). includeByokInLimit: type: boolean nullable: true description: Whether to include BYOK (Bring Your Own Key) usage in the spending limit. When enabled, usage from your own provider keys counts toward this key's limit. See OpenRouter BYOK docs for details. required: - name additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated OpenRouter API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/open-router-api-key/{rotationId}/rotate-secrets: post: operationId: rotateOpenRouterAPIKeyRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified OpenRouter API Key Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the OpenRouter API Key Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - open-router name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - open-router-api-key parameters: type: object properties: name: type: string minLength: 1 maxLength: 100 description: The name for the generated OpenRouter API key. limit: type: number exclusiveMinimum: true minimum: 0 nullable: true description: The optional spending limit in USD for the generated API key. limitReset: type: string enum: - daily - weekly - monthly nullable: true description: The type of limit reset for the API key (daily, weekly, monthly, or null for no reset). includeByokInLimit: type: boolean nullable: true description: Whether to include BYOK (Bring Your Own Key) usage in the spending limit. When enabled, usage from your own provider keys counts toward this key's limit. See OpenRouter BYOK docs for details. required: - name additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated OpenRouter API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/open-router-api-key/{rotationId}/check-credentials: post: operationId: checkOpenRouterAPIKeyRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified OpenRouter API Key Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the OpenRouter API Key Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/hp-ilo-local-account: get: operationId: listHPiLOLocalAccountRotations tags: - Secret Rotations description: List the HP iLO Local Account Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list HP iLO Local Account Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - hp-ilo-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the HP iLO account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-root". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createHPiLOLocalAccountRotation tags: - Secret Rotations description: Create a HP iLO Local Account Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the HP iLO Local Account Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the HP iLO Local Account Rotation. connectionId: type: string format: uuid description: The ID of the SSH Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: username: type: string minLength: 1 description: The username of the HP iLO account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-root". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false temporaryParameters: type: object properties: password: type: string description: The current password of the target user. Required if "parameters.rotationMethod" is set to "login-as-target". additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - hp-ilo-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the HP iLO account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-root". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/hp-ilo-local-account/{rotationId}: get: operationId: getHPiLOLocalAccountRotation tags: - Secret Rotations description: Get the specified HP iLO Local Account Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the HP iLO Local Account Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - hp-ilo-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the HP iLO account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-root". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateHPiLOLocalAccountRotation tags: - Secret Rotations description: Update the specified HP iLO Local Account Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the HP iLO Local Account Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the HP iLO Local Account Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: username: type: string minLength: 1 description: The username of the HP iLO account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-root". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the HP iLO Local Account Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - hp-ilo-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the HP iLO account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-root". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteHPiLOLocalAccountRotation tags: - Secret Rotations description: Delete the specified HP iLO Local Account Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the HP iLO Local Account Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - hp-ilo-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the HP iLO account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-root". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/hp-ilo-local-account/rotation-name/{rotationName}: get: operationId: getHPiLOLocalAccountRotationByName tags: - Secret Rotations description: Get the specified HP iLO Local Account Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the HP iLO Local Account Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the HP iLO Local Account Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the HP iLO Local Account Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the HP iLO Local Account Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - hp-ilo-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the HP iLO account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-root". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/hp-ilo-local-account/{rotationId}/generated-credentials: get: operationId: getHPiLOLocalAccountRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified HP iLO Local Account Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the HP iLO Local Account Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: username: type: string password: type: string required: - username - password additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - hp-ilo-local-account required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/hp-ilo-local-account/{rotationId}/move: post: operationId: moveHPiLOLocalAccountRotation tags: - Secret Rotations description: Move the specified HP iLO Local Account Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the HP iLO Local Account Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - hp-ilo-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the HP iLO account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-root". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/hp-ilo-local-account/{rotationId}/rotate-secrets: post: operationId: rotateHPiLOLocalAccountRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified HP iLO Local Account Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the HP iLO Local Account Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - hp-ilo-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the HP iLO account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-root". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/hp-ilo-local-account/{rotationId}/check-credentials: post: operationId: checkHPiLOLocalAccountRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified HP iLO Local Account Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the HP iLO Local Account Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/hp-ilo-local-account/{rotationId}/reconcile: post: tags: - Secret Rotations description: Reconcile HP iLO Local Account rotation credentials. This operation uses the SSH app connection credentials to reset the password when credentials are out of sync. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the SSH Password Rotation to reconcile credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string reconciled: type: boolean secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - ssh name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - hp-ilo-local-account parameters: type: object properties: username: type: string minLength: 1 description: The username of the HP iLO account to rotate the password for. passwordRequirements: type: object properties: length: type: number minimum: 1 maximum: 250 description: The length of the password to generate. required: type: object properties: digits: type: number minimum: 0 description: The amount of digits to require in the generated password. lowercase: type: number minimum: 0 description: The amount of lowercase characters to require in the generated password. uppercase: type: number minimum: 0 description: The amount of uppercase characters to require in the generated password. symbols: type: number minimum: 0 description: The amount of symbols to require in the generated password. required: - digits - lowercase - uppercase - symbols additionalProperties: false allowedSymbols: type: string pattern: '[!@#$%^&*()_+\-=\[\]{};'':"\\|,.<>\/?~]' description: The allowed symbols to use in the generated password (defaults to "-_.~!*"). required: - length - required additionalProperties: false description: The password requirements to use when generating the new password. rotationMethod: type: string enum: - login-as-target - login-as-root description: Whether the rotation should be performed using "login-as-target" (the target user's own credentials) or "login-as-root" (the SSH connection's admin credentials). Defaults to "login-as-root". required: - username additionalProperties: false secretsMapping: type: object properties: username: type: string minLength: 1 description: The name of the secret that the username will be mapped to. password: type: string minLength: 1 description: The name of the secret that the rotated password will be mapped to. required: - username - password additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - message - reconciled - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/supabase-api-key: get: operationId: listSupabaseAPIKeyRotations tags: - Secret Rotations description: List the Supabase API Key Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Supabase API Key Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - supabase-api-key parameters: type: object properties: projectRef: type: string minLength: 1 description: The reference ID of the Supabase project to rotate the API key for. keyType: type: string enum: - publishable - secret description: The type of the API key to rotate (e.g. publishable, secret). required: - projectRef - keyType additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated Supabase API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createSupabaseAPIKeyRotation tags: - Secret Rotations description: Create a Supabase API Key Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Supabase API Key Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the Supabase API Key Rotation. connectionId: type: string format: uuid description: The ID of the Supabase Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: projectRef: type: string minLength: 1 description: The reference ID of the Supabase project to rotate the API key for. keyType: type: string enum: - publishable - secret description: The type of the API key to rotate (e.g. publishable, secret). required: - projectRef - keyType additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated Supabase API key will be mapped to. required: - apiKey additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - supabase-api-key parameters: type: object properties: projectRef: type: string minLength: 1 description: The reference ID of the Supabase project to rotate the API key for. keyType: type: string enum: - publishable - secret description: The type of the API key to rotate (e.g. publishable, secret). required: - projectRef - keyType additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated Supabase API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/supabase-api-key/{rotationId}: get: operationId: getSupabaseAPIKeyRotation tags: - Secret Rotations description: Get the specified Supabase API Key Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Supabase API Key Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - supabase-api-key parameters: type: object properties: projectRef: type: string minLength: 1 description: The reference ID of the Supabase project to rotate the API key for. keyType: type: string enum: - publishable - secret description: The type of the API key to rotate (e.g. publishable, secret). required: - projectRef - keyType additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated Supabase API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateSupabaseAPIKeyRotation tags: - Secret Rotations description: Update the specified Supabase API Key Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Supabase API Key Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Supabase API Key Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: projectRef: type: string minLength: 1 description: The reference ID of the Supabase project to rotate the API key for. keyType: type: string enum: - publishable - secret description: The type of the API key to rotate (e.g. publishable, secret). required: - projectRef - keyType additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated Supabase API key will be mapped to. required: - apiKey additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Supabase API Key Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - supabase-api-key parameters: type: object properties: projectRef: type: string minLength: 1 description: The reference ID of the Supabase project to rotate the API key for. keyType: type: string enum: - publishable - secret description: The type of the API key to rotate (e.g. publishable, secret). required: - projectRef - keyType additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated Supabase API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteSupabaseAPIKeyRotation tags: - Secret Rotations description: Delete the specified Supabase API Key Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Supabase API Key Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - supabase-api-key parameters: type: object properties: projectRef: type: string minLength: 1 description: The reference ID of the Supabase project to rotate the API key for. keyType: type: string enum: - publishable - secret description: The type of the API key to rotate (e.g. publishable, secret). required: - projectRef - keyType additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated Supabase API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/supabase-api-key/rotation-name/{rotationName}: get: operationId: getSupabaseAPIKeyRotationByName tags: - Secret Rotations description: Get the specified Supabase API Key Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Supabase API Key Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the Supabase API Key Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the Supabase API Key Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the Supabase API Key Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - supabase-api-key parameters: type: object properties: projectRef: type: string minLength: 1 description: The reference ID of the Supabase project to rotate the API key for. keyType: type: string enum: - publishable - secret description: The type of the API key to rotate (e.g. publishable, secret). required: - projectRef - keyType additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated Supabase API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/supabase-api-key/{rotationId}/generated-credentials: get: operationId: getSupabaseAPIKeyRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified Supabase API Key Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Supabase API Key Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: apiKey: type: string keyId: type: string required: - apiKey - keyId additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - supabase-api-key required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/supabase-api-key/{rotationId}/move: post: operationId: moveSupabaseAPIKeyRotation tags: - Secret Rotations description: Move the specified Supabase API Key Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Supabase API Key Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - supabase-api-key parameters: type: object properties: projectRef: type: string minLength: 1 description: The reference ID of the Supabase project to rotate the API key for. keyType: type: string enum: - publishable - secret description: The type of the API key to rotate (e.g. publishable, secret). required: - projectRef - keyType additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated Supabase API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/supabase-api-key/{rotationId}/rotate-secrets: post: operationId: rotateSupabaseAPIKeyRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified Supabase API Key Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Supabase API Key Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - supabase name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - supabase-api-key parameters: type: object properties: projectRef: type: string minLength: 1 description: The reference ID of the Supabase project to rotate the API key for. keyType: type: string enum: - publishable - secret description: The type of the API key to rotate (e.g. publishable, secret). required: - projectRef - keyType additionalProperties: false secretsMapping: type: object properties: apiKey: type: string minLength: 1 description: The name of the secret that the rotated Supabase API key will be mapped to. required: - apiKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/supabase-api-key/{rotationId}/check-credentials: post: operationId: checkSupabaseAPIKeyRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified Supabase API Key Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Supabase API Key Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/salesforce-oauth-credentials: get: operationId: listSalesforceOAuthCredentialsRotations tags: - Secret Rotations description: List the Salesforce OAuth Credentials Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Salesforce OAuth Credentials Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - salesforce name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - salesforce-oauth-credentials parameters: type: object properties: appId: type: string minLength: 1 description: The identifier of the Salesforce External Client App to rotate the consumer secret for. appName: type: string minLength: 1 description: The developer name of the Salesforce External Client App to rotate the consumer secret for. required: - appId - appName additionalProperties: false secretsMapping: type: object properties: consumerKey: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer key will be mapped to. consumerSecret: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer secret will be mapped to. required: - consumerKey - consumerSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createSalesforceOAuthCredentialsRotation tags: - Secret Rotations description: Create a Salesforce OAuth Credentials Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Salesforce OAuth Credentials Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the Salesforce OAuth Credentials Rotation. connectionId: type: string format: uuid description: The ID of the Salesforce Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: appId: type: string minLength: 1 description: The identifier of the Salesforce External Client App to rotate the consumer secret for. appName: type: string minLength: 1 description: The developer name of the Salesforce External Client App to rotate the consumer secret for. required: - appId - appName additionalProperties: false secretsMapping: type: object properties: consumerKey: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer key will be mapped to. consumerSecret: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer secret will be mapped to. required: - consumerKey - consumerSecret additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - salesforce name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - salesforce-oauth-credentials parameters: type: object properties: appId: type: string minLength: 1 description: The identifier of the Salesforce External Client App to rotate the consumer secret for. appName: type: string minLength: 1 description: The developer name of the Salesforce External Client App to rotate the consumer secret for. required: - appId - appName additionalProperties: false secretsMapping: type: object properties: consumerKey: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer key will be mapped to. consumerSecret: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer secret will be mapped to. required: - consumerKey - consumerSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/salesforce-oauth-credentials/{rotationId}: get: operationId: getSalesforceOAuthCredentialsRotation tags: - Secret Rotations description: Get the specified Salesforce OAuth Credentials Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Salesforce OAuth Credentials Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - salesforce name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - salesforce-oauth-credentials parameters: type: object properties: appId: type: string minLength: 1 description: The identifier of the Salesforce External Client App to rotate the consumer secret for. appName: type: string minLength: 1 description: The developer name of the Salesforce External Client App to rotate the consumer secret for. required: - appId - appName additionalProperties: false secretsMapping: type: object properties: consumerKey: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer key will be mapped to. consumerSecret: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer secret will be mapped to. required: - consumerKey - consumerSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateSalesforceOAuthCredentialsRotation tags: - Secret Rotations description: Update the specified Salesforce OAuth Credentials Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Salesforce OAuth Credentials Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Salesforce OAuth Credentials Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: appId: type: string minLength: 1 description: The identifier of the Salesforce External Client App to rotate the consumer secret for. appName: type: string minLength: 1 description: The developer name of the Salesforce External Client App to rotate the consumer secret for. required: - appId - appName additionalProperties: false secretsMapping: type: object properties: consumerKey: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer key will be mapped to. consumerSecret: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer secret will be mapped to. required: - consumerKey - consumerSecret additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Salesforce OAuth Credentials Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - salesforce name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - salesforce-oauth-credentials parameters: type: object properties: appId: type: string minLength: 1 description: The identifier of the Salesforce External Client App to rotate the consumer secret for. appName: type: string minLength: 1 description: The developer name of the Salesforce External Client App to rotate the consumer secret for. required: - appId - appName additionalProperties: false secretsMapping: type: object properties: consumerKey: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer key will be mapped to. consumerSecret: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer secret will be mapped to. required: - consumerKey - consumerSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteSalesforceOAuthCredentialsRotation tags: - Secret Rotations description: Delete the specified Salesforce OAuth Credentials Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Salesforce OAuth Credentials Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - salesforce name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - salesforce-oauth-credentials parameters: type: object properties: appId: type: string minLength: 1 description: The identifier of the Salesforce External Client App to rotate the consumer secret for. appName: type: string minLength: 1 description: The developer name of the Salesforce External Client App to rotate the consumer secret for. required: - appId - appName additionalProperties: false secretsMapping: type: object properties: consumerKey: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer key will be mapped to. consumerSecret: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer secret will be mapped to. required: - consumerKey - consumerSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/salesforce-oauth-credentials/rotation-name/{rotationName}: get: operationId: getSalesforceOAuthCredentialsRotationByName tags: - Secret Rotations description: Get the specified Salesforce OAuth Credentials Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Salesforce OAuth Credentials Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the Salesforce OAuth Credentials Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the Salesforce OAuth Credentials Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the Salesforce OAuth Credentials Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - salesforce name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - salesforce-oauth-credentials parameters: type: object properties: appId: type: string minLength: 1 description: The identifier of the Salesforce External Client App to rotate the consumer secret for. appName: type: string minLength: 1 description: The developer name of the Salesforce External Client App to rotate the consumer secret for. required: - appId - appName additionalProperties: false secretsMapping: type: object properties: consumerKey: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer key will be mapped to. consumerSecret: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer secret will be mapped to. required: - consumerKey - consumerSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/salesforce-oauth-credentials/{rotationId}/generated-credentials: get: operationId: getSalesforceOAuthCredentialsRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified Salesforce OAuth Credentials Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Salesforce OAuth Credentials Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: consumerKey: type: string consumerSecret: type: string stagedCredentialUrl: type: string required: - consumerKey - consumerSecret - stagedCredentialUrl additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - salesforce-oauth-credentials required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/salesforce-oauth-credentials/{rotationId}/move: post: operationId: moveSalesforceOAuthCredentialsRotation tags: - Secret Rotations description: Move the specified Salesforce OAuth Credentials Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Salesforce OAuth Credentials Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - salesforce name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - salesforce-oauth-credentials parameters: type: object properties: appId: type: string minLength: 1 description: The identifier of the Salesforce External Client App to rotate the consumer secret for. appName: type: string minLength: 1 description: The developer name of the Salesforce External Client App to rotate the consumer secret for. required: - appId - appName additionalProperties: false secretsMapping: type: object properties: consumerKey: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer key will be mapped to. consumerSecret: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer secret will be mapped to. required: - consumerKey - consumerSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/salesforce-oauth-credentials/{rotationId}/rotate-secrets: post: operationId: rotateSalesforceOAuthCredentialsRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified Salesforce OAuth Credentials Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Salesforce OAuth Credentials Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - salesforce name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - salesforce-oauth-credentials parameters: type: object properties: appId: type: string minLength: 1 description: The identifier of the Salesforce External Client App to rotate the consumer secret for. appName: type: string minLength: 1 description: The developer name of the Salesforce External Client App to rotate the consumer secret for. required: - appId - appName additionalProperties: false secretsMapping: type: object properties: consumerKey: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer key will be mapped to. consumerSecret: type: string minLength: 1 description: The name of the secret that the rotated Salesforce consumer secret will be mapped to. required: - consumerKey - consumerSecret additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/salesforce-oauth-credentials/{rotationId}/check-credentials: post: operationId: checkSalesforceOAuthCredentialsRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified Salesforce OAuth Credentials Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Salesforce OAuth Credentials Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/datadog-application-key-secret: get: operationId: listDatadogApplicationKeyRotations tags: - Secret Rotations description: List the Datadog Application Key Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Datadog Application Key Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - datadog name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - datadog-application-key-secret parameters: type: object properties: serviceAccountId: type: string minLength: 1 description: The ID of the Datadog service account to rotate the application key for. required: - serviceAccountId additionalProperties: false secretsMapping: type: object properties: applicationKeyId: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key ID will be mapped to. applicationKey: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key value will be mapped to. required: - applicationKeyId - applicationKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createDatadogApplicationKeyRotation tags: - Secret Rotations description: Create a Datadog Application Key Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Datadog Application Key Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the Datadog Application Key Rotation. connectionId: type: string format: uuid description: The ID of the Datadog Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: serviceAccountId: type: string minLength: 1 description: The ID of the Datadog service account to rotate the application key for. required: - serviceAccountId additionalProperties: false secretsMapping: type: object properties: applicationKeyId: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key ID will be mapped to. applicationKey: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key value will be mapped to. required: - applicationKeyId - applicationKey additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - datadog name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - datadog-application-key-secret parameters: type: object properties: serviceAccountId: type: string minLength: 1 description: The ID of the Datadog service account to rotate the application key for. required: - serviceAccountId additionalProperties: false secretsMapping: type: object properties: applicationKeyId: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key ID will be mapped to. applicationKey: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key value will be mapped to. required: - applicationKeyId - applicationKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/datadog-application-key-secret/{rotationId}: get: operationId: getDatadogApplicationKeyRotation tags: - Secret Rotations description: Get the specified Datadog Application Key Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Datadog Application Key Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - datadog name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - datadog-application-key-secret parameters: type: object properties: serviceAccountId: type: string minLength: 1 description: The ID of the Datadog service account to rotate the application key for. required: - serviceAccountId additionalProperties: false secretsMapping: type: object properties: applicationKeyId: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key ID will be mapped to. applicationKey: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key value will be mapped to. required: - applicationKeyId - applicationKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateDatadogApplicationKeyRotation tags: - Secret Rotations description: Update the specified Datadog Application Key Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Datadog Application Key Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Datadog Application Key Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: serviceAccountId: type: string minLength: 1 description: The ID of the Datadog service account to rotate the application key for. required: - serviceAccountId additionalProperties: false secretsMapping: type: object properties: applicationKeyId: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key ID will be mapped to. applicationKey: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key value will be mapped to. required: - applicationKeyId - applicationKey additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Datadog Application Key Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - datadog name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - datadog-application-key-secret parameters: type: object properties: serviceAccountId: type: string minLength: 1 description: The ID of the Datadog service account to rotate the application key for. required: - serviceAccountId additionalProperties: false secretsMapping: type: object properties: applicationKeyId: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key ID will be mapped to. applicationKey: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key value will be mapped to. required: - applicationKeyId - applicationKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteDatadogApplicationKeyRotation tags: - Secret Rotations description: Delete the specified Datadog Application Key Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Datadog Application Key Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - datadog name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - datadog-application-key-secret parameters: type: object properties: serviceAccountId: type: string minLength: 1 description: The ID of the Datadog service account to rotate the application key for. required: - serviceAccountId additionalProperties: false secretsMapping: type: object properties: applicationKeyId: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key ID will be mapped to. applicationKey: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key value will be mapped to. required: - applicationKeyId - applicationKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/datadog-application-key-secret/rotation-name/{rotationName}: get: operationId: getDatadogApplicationKeyRotationByName tags: - Secret Rotations description: Get the specified Datadog Application Key Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Datadog Application Key Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the Datadog Application Key Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the Datadog Application Key Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the Datadog Application Key Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - datadog name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - datadog-application-key-secret parameters: type: object properties: serviceAccountId: type: string minLength: 1 description: The ID of the Datadog service account to rotate the application key for. required: - serviceAccountId additionalProperties: false secretsMapping: type: object properties: applicationKeyId: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key ID will be mapped to. applicationKey: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key value will be mapped to. required: - applicationKeyId - applicationKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/datadog-application-key-secret/{rotationId}/generated-credentials: get: operationId: getDatadogApplicationKeyRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified Datadog Application Key Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Datadog Application Key Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: applicationKeyId: type: string applicationKey: type: string required: - applicationKeyId - applicationKey additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - datadog-application-key-secret required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/datadog-application-key-secret/{rotationId}/move: post: operationId: moveDatadogApplicationKeyRotation tags: - Secret Rotations description: Move the specified Datadog Application Key Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Datadog Application Key Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - datadog name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - datadog-application-key-secret parameters: type: object properties: serviceAccountId: type: string minLength: 1 description: The ID of the Datadog service account to rotate the application key for. required: - serviceAccountId additionalProperties: false secretsMapping: type: object properties: applicationKeyId: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key ID will be mapped to. applicationKey: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key value will be mapped to. required: - applicationKeyId - applicationKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/datadog-application-key-secret/{rotationId}/rotate-secrets: post: operationId: rotateDatadogApplicationKeyRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified Datadog Application Key Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Datadog Application Key Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - datadog name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - datadog-application-key-secret parameters: type: object properties: serviceAccountId: type: string minLength: 1 description: The ID of the Datadog service account to rotate the application key for. required: - serviceAccountId additionalProperties: false secretsMapping: type: object properties: applicationKeyId: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key ID will be mapped to. applicationKey: type: string minLength: 1 description: The name of the secret that the rotated Datadog application key value will be mapped to. required: - applicationKeyId - applicationKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/datadog-application-key-secret/{rotationId}/check-credentials: post: operationId: checkDatadogApplicationKeyRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified Datadog Application Key Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Datadog Application Key Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/convex-access-key: get: operationId: listConvexAccessKeyRotations tags: - Secret Rotations description: List the Convex Access Key Rotations for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Convex Access Key Rotations from. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotations: type: array items: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - convex name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - convex-access-key parameters: type: object properties: namePrefix: type: string minLength: 1 description: A prefix to use when naming the generated Convex access key. required: - namePrefix additionalProperties: false secretsMapping: type: object properties: accessKey: type: string minLength: 1 description: The name of the secret that the rotated Convex access key will be mapped to. required: - accessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotations additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createConvexAccessKeyRotation tags: - Secret Rotations description: Create a Convex Access Key Rotation for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Convex Access Key Rotation to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the rotation in. description: type: string maxLength: 256 nullable: true description: An optional description for the Convex Access Key Rotation. connectionId: type: string format: uuid description: The ID of the Convex Connection to use for rotation. environment: type: string minLength: 1 maxLength: 64 description: The slug of the project environment to create the rotation in. secretPath: type: string minLength: 1 description: The secret path of the project to create the rotation in. isAutoRotationEnabled: type: boolean default: true description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The hours and minutes rotation should occur at in UTC. Defaults to Midnight (00:00) UTC. parameters: type: object properties: namePrefix: type: string minLength: 1 description: A prefix to use when naming the generated Convex access key. required: - namePrefix additionalProperties: false secretsMapping: type: object properties: accessKey: type: string minLength: 1 description: The name of the secret that the rotated Convex access key will be mapped to. required: - accessKey additionalProperties: false required: - name - projectId - connectionId - environment - secretPath - rotationInterval - parameters - secretsMapping additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - convex name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - convex-access-key parameters: type: object properties: namePrefix: type: string minLength: 1 description: A prefix to use when naming the generated Convex access key. required: - namePrefix additionalProperties: false secretsMapping: type: object properties: accessKey: type: string minLength: 1 description: The name of the secret that the rotated Convex access key will be mapped to. required: - accessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/convex-access-key/{rotationId}: get: operationId: getConvexAccessKeyRotation tags: - Secret Rotations description: Get the specified Convex Access Key Rotation by ID. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Convex Access Key Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - convex name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - convex-access-key parameters: type: object properties: namePrefix: type: string minLength: 1 description: A prefix to use when naming the generated Convex access key. required: - namePrefix additionalProperties: false secretsMapping: type: object properties: accessKey: type: string minLength: 1 description: The name of the secret that the rotated Convex access key will be mapped to. required: - accessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateConvexAccessKeyRotation tags: - Secret Rotations description: Update the specified Convex Access Key Rotation. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Convex Access Key Rotation. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Convex Access Key Rotation. isAutoRotationEnabled: type: boolean description: Whether secrets should be automatically rotated when the specified rotation interval has elapsed. rotationInterval: type: number minimum: 1 description: The updated interval, in days, to automatically rotate secrets. rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false description: The updated hours and minutes rotation should occur at in UTC. parameters: type: object properties: namePrefix: type: string minLength: 1 description: A prefix to use when naming the generated Convex access key. required: - namePrefix additionalProperties: false secretsMapping: type: object properties: accessKey: type: string minLength: 1 description: The name of the secret that the rotated Convex access key will be mapped to. required: - accessKey additionalProperties: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Convex Access Key Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - convex name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - convex-access-key parameters: type: object properties: namePrefix: type: string minLength: 1 description: A prefix to use when naming the generated Convex access key. required: - namePrefix additionalProperties: false secretsMapping: type: object properties: accessKey: type: string minLength: 1 description: The name of the secret that the rotated Convex access key will be mapped to. required: - accessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteConvexAccessKeyRotation tags: - Secret Rotations description: Delete the specified Convex Access Key Rotation. parameters: - schema: type: string enum: - 'true' - 'false' in: query name: deleteSecrets required: false description: Whether the mapped secrets belonging to this rotation should be deleted. - schema: type: string enum: - 'true' - 'false' in: query name: revokeGeneratedCredentials required: false description: Whether the generated credentials associated with this rotation should be revoked. - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Convex Access Key Rotation to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - convex name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - convex-access-key parameters: type: object properties: namePrefix: type: string minLength: 1 description: A prefix to use when naming the generated Convex access key. required: - namePrefix additionalProperties: false secretsMapping: type: object properties: accessKey: type: string minLength: 1 description: The name of the secret that the rotated Convex access key will be mapped to. required: - accessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/convex-access-key/rotation-name/{rotationName}: get: operationId: getConvexAccessKeyRotationByName tags: - Secret Rotations description: Get the specified Convex Access Key Rotation by name, secret path, environment and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Convex Access Key Rotation is located in. - schema: type: string minLength: 1 in: query name: secretPath required: true description: The secret path the Convex Access Key Rotation is located at. - schema: type: string minLength: 1 in: query name: environment required: true description: The environment the Convex Access Key Rotation is located in. - schema: type: string minLength: 1 in: path name: rotationName required: true description: The name of the Convex Access Key Rotation to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - convex name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - convex-access-key parameters: type: object properties: namePrefix: type: string minLength: 1 description: A prefix to use when naming the generated Convex access key. required: - namePrefix additionalProperties: false secretsMapping: type: object properties: accessKey: type: string minLength: 1 description: The name of the secret that the rotated Convex access key will be mapped to. required: - accessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/convex-access-key/{rotationId}/generated-credentials: get: operationId: getConvexAccessKeyRotationGeneratedCredentials tags: - Secret Rotations description: Get the generated credentials for the specified Convex Access Key Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Convex Access Key Rotation to retrieve the generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: generatedCredentials: type: array items: type: object properties: accessKeyId: type: string accessKey: type: string required: - accessKeyId - accessKey additionalProperties: false minItems: 1 maxItems: 2 activeIndex: type: number rotationId: type: string format: uuid type: type: string enum: - convex-access-key required: - generatedCredentials - activeIndex - rotationId - type additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/convex-access-key/{rotationId}/move: post: operationId: moveConvexAccessKeyRotation tags: - Secret Rotations description: Move the specified Convex Access Key Rotation to a different secret path or environment. requestBody: required: true content: application/json: schema: type: object properties: destinationEnvironment: type: string minLength: 1 destinationSecretPath: type: string minLength: 1 overwriteDestination: type: boolean default: false required: - destinationEnvironment - destinationSecretPath additionalProperties: false parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Convex Access Key Rotation to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - convex name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - convex-access-key parameters: type: object properties: namePrefix: type: string minLength: 1 description: A prefix to use when naming the generated Convex access key. required: - namePrefix additionalProperties: false secretsMapping: type: object properties: accessKey: type: string minLength: 1 description: The name of the secret that the rotated Convex access key will be mapped to. required: - accessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/convex-access-key/{rotationId}/rotate-secrets: post: operationId: rotateConvexAccessKeyRotation tags: - Secret Rotations description: Rotate the generated credentials for the specified Convex Access Key Rotation. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Convex Access Key Rotation to rotate generated credentials for. responses: '200': description: Default Response content: application/json: schema: type: object properties: secretRotation: type: object properties: id: type: string format: uuid name: type: string description: type: string nullable: true isAutoRotationEnabled: type: boolean default: true activeIndex: type: number default: 0 folderId: type: string format: uuid connectionId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time rotationInterval: type: number rotationStatus: type: string lastRotationAttemptedAt: type: string format: date-time lastRotatedAt: type: string format: date-time lastRotationJobId: type: string nullable: true nextRotationAt: type: string format: date-time nullable: true isLastRotationManual: type: boolean default: true connection: type: object properties: app: type: string enum: - convex name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false environment: type: object properties: slug: type: string name: type: string id: type: string format: uuid required: - slug - name - id additionalProperties: false projectId: type: string folder: type: object properties: id: type: string path: type: string required: - id - path additionalProperties: false rotateAtUtc: type: object properties: hours: type: number minimum: 0 maximum: 23 minutes: type: number minimum: 0 maximum: 59 required: - hours - minutes additionalProperties: false lastRotationMessage: type: string nullable: true type: type: string enum: - convex-access-key parameters: type: object properties: namePrefix: type: string minLength: 1 description: A prefix to use when naming the generated Convex access key. required: - namePrefix additionalProperties: false secretsMapping: type: object properties: accessKey: type: string minLength: 1 description: The name of the secret that the rotated Convex access key will be mapped to. required: - accessKey additionalProperties: false required: - id - name - folderId - connectionId - createdAt - updatedAt - rotationInterval - rotationStatus - lastRotationAttemptedAt - lastRotatedAt - connection - environment - projectId - folder - rotateAtUtc - type - parameters - secretsMapping additionalProperties: false required: - secretRotation additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-rotations/convex-access-key/{rotationId}/check-credentials: post: operationId: checkConvexAccessKeyRotationCredentials tags: - Secret Rotations description: Check whether the active credentials for the specified Convex Access Key Rotation are still valid against the upstream system. parameters: - schema: type: string format: uuid in: path name: rotationId required: true description: The ID of the Convex Access Key Rotation to check active credentials for. responses: '204': description: Default Response content: application/json: schema: type: string minLength: 0 maxLength: 0 '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/options: get: operationId: listSecretScanningDataSourceOptions tags: - Secret Scanning description: List the available Secret Scanning Data Source Options. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSourceOptions: type: array items: anyOf: - type: object properties: name: type: string enum: - GitHub connection: type: string enum: - github-radar type: type: string enum: - github required: - name - connection - type additionalProperties: false title: GitHub - type: object properties: name: type: string enum: - Bitbucket connection: type: string enum: - bitbucket type: type: string enum: - bitbucket required: - name - connection - type additionalProperties: false title: Bitbucket - type: object properties: name: type: string enum: - GitLab connection: type: string enum: - gitlab type: type: string enum: - gitlab required: - name - connection - type additionalProperties: false title: GitLab required: - dataSourceOptions additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources: get: operationId: listSecretScanningDataSources tags: - Secret Scanning description: List all the Secret Scanning Data Sources for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Scanning Data Sources from. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSources: type: array items: anyOf: - type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - github connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - github-radar name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitHub - type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - bitbucket connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: workspaceSlug: type: string minLength: 1 maxLength: 128 description: The workspace to scan. includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). required: - workspaceSlug additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: Bitbucket - type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - gitlab connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: anyOf: - type: object properties: scope: type: string enum: - group description: The GitLab scope scanning should occur at (project or group level). groupId: type: number description: The ID of the group to scan projects from. groupName: type: string maxLength: 256 description: The name of the group to scan projects from. includeProjects: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The projects to include when scanning. Defaults to all projects (["*"]). required: - scope - groupId additionalProperties: false - type: object properties: scope: type: string enum: - project description: The GitLab scope scanning should occur at (project or group level). projectName: type: string maxLength: 256 description: The name of the project to scan. projectId: type: number description: The ID of the project to scan. required: - scope - projectId additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitLab required: - dataSources additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/findings: get: operationId: listSecretScanningFindings tags: - Secret Scanning description: List all the Secret Scanning Findings for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Secret Scanning Findings from. responses: '200': description: Default Response content: application/json: schema: type: object properties: findings: type: array items: anyOf: - type: object properties: id: type: string format: uuid dataSourceName: type: string resourceName: type: string rule: type: string severity: type: string status: type: string default: unresolved remarks: type: string nullable: true fingerprint: type: string projectId: type: string scanId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time resourceType: type: string enum: - repository dataSourceType: type: string enum: - github details: type: object properties: description: type: string startLine: type: number endLine: type: number startColumn: type: number endColumn: type: number file: type: string link: type: string symlinkFile: type: string commit: type: string entropy: type: number author: type: string email: type: string date: type: string message: type: string tags: type: array items: type: string ruleID: type: string fingerprint: type: string required: - description - startLine - endLine - startColumn - endColumn - file - link - symlinkFile - commit - entropy - author - email - date - message - tags - ruleID - fingerprint additionalProperties: false required: - id - dataSourceName - resourceName - rule - severity - fingerprint - projectId - createdAt - updatedAt - resourceType - dataSourceType - details additionalProperties: false title: GitHub - type: object properties: id: type: string format: uuid dataSourceName: type: string resourceName: type: string rule: type: string severity: type: string status: type: string default: unresolved remarks: type: string nullable: true fingerprint: type: string projectId: type: string scanId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time resourceType: type: string enum: - repository dataSourceType: type: string enum: - bitbucket details: type: object properties: description: type: string startLine: type: number endLine: type: number startColumn: type: number endColumn: type: number file: type: string link: type: string symlinkFile: type: string commit: type: string entropy: type: number author: type: string email: type: string date: type: string message: type: string tags: type: array items: type: string ruleID: type: string fingerprint: type: string required: - description - startLine - endLine - startColumn - endColumn - file - link - symlinkFile - commit - entropy - author - email - date - message - tags - ruleID - fingerprint additionalProperties: false required: - id - dataSourceName - resourceName - rule - severity - fingerprint - projectId - createdAt - updatedAt - resourceType - dataSourceType - details additionalProperties: false title: Bitbucket - type: object properties: id: type: string format: uuid dataSourceName: type: string resourceName: type: string rule: type: string severity: type: string status: type: string default: unresolved remarks: type: string nullable: true fingerprint: type: string projectId: type: string scanId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time resourceType: type: string enum: - project dataSourceType: type: string enum: - gitlab details: type: object properties: description: type: string startLine: type: number endLine: type: number startColumn: type: number endColumn: type: number file: type: string link: type: string symlinkFile: type: string commit: type: string entropy: type: number author: type: string email: type: string date: type: string message: type: string tags: type: array items: type: string ruleID: type: string fingerprint: type: string required: - description - startLine - endLine - startColumn - endColumn - file - link - symlinkFile - commit - entropy - author - email - date - message - tags - ruleID - fingerprint additionalProperties: false required: - id - dataSourceName - resourceName - rule - severity - fingerprint - projectId - createdAt - updatedAt - resourceType - dataSourceType - details additionalProperties: false title: GitLab required: - findings additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateSecretScanningFindingsBatch tags: - Secret Scanning description: Update one or more Secret Scanning Findings in a batch. requestBody: required: true content: application/json: schema: type: array items: type: object properties: findingId: type: string minLength: 1 description: The ID of the Secret Scanning Finding to update. status: type: string enum: - resolved - unresolved - false-positive - ignore description: The updated status of the specified Secret Scanning Finding. remarks: type: string nullable: true description: Remarks pertaining to the status of this finding. required: - findingId additionalProperties: false maxItems: 500 responses: '200': description: Default Response content: application/json: schema: type: object properties: findings: type: array items: anyOf: - type: object properties: id: type: string format: uuid dataSourceName: type: string resourceName: type: string rule: type: string severity: type: string status: type: string default: unresolved remarks: type: string nullable: true fingerprint: type: string projectId: type: string scanId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time resourceType: type: string enum: - repository dataSourceType: type: string enum: - github details: type: object properties: description: type: string startLine: type: number endLine: type: number startColumn: type: number endColumn: type: number file: type: string link: type: string symlinkFile: type: string commit: type: string entropy: type: number author: type: string email: type: string date: type: string message: type: string tags: type: array items: type: string ruleID: type: string fingerprint: type: string required: - description - startLine - endLine - startColumn - endColumn - file - link - symlinkFile - commit - entropy - author - email - date - message - tags - ruleID - fingerprint additionalProperties: false required: - id - dataSourceName - resourceName - rule - severity - fingerprint - projectId - createdAt - updatedAt - resourceType - dataSourceType - details additionalProperties: false title: GitHub - type: object properties: id: type: string format: uuid dataSourceName: type: string resourceName: type: string rule: type: string severity: type: string status: type: string default: unresolved remarks: type: string nullable: true fingerprint: type: string projectId: type: string scanId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time resourceType: type: string enum: - repository dataSourceType: type: string enum: - bitbucket details: type: object properties: description: type: string startLine: type: number endLine: type: number startColumn: type: number endColumn: type: number file: type: string link: type: string symlinkFile: type: string commit: type: string entropy: type: number author: type: string email: type: string date: type: string message: type: string tags: type: array items: type: string ruleID: type: string fingerprint: type: string required: - description - startLine - endLine - startColumn - endColumn - file - link - symlinkFile - commit - entropy - author - email - date - message - tags - ruleID - fingerprint additionalProperties: false required: - id - dataSourceName - resourceName - rule - severity - fingerprint - projectId - createdAt - updatedAt - resourceType - dataSourceType - details additionalProperties: false title: Bitbucket - type: object properties: id: type: string format: uuid dataSourceName: type: string resourceName: type: string rule: type: string severity: type: string status: type: string default: unresolved remarks: type: string nullable: true fingerprint: type: string projectId: type: string scanId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time resourceType: type: string enum: - project dataSourceType: type: string enum: - gitlab details: type: object properties: description: type: string startLine: type: number endLine: type: number startColumn: type: number endColumn: type: number file: type: string link: type: string symlinkFile: type: string commit: type: string entropy: type: number author: type: string email: type: string date: type: string message: type: string tags: type: array items: type: string ruleID: type: string fingerprint: type: string required: - description - startLine - endLine - startColumn - endColumn - file - link - symlinkFile - commit - entropy - author - email - date - message - tags - ruleID - fingerprint additionalProperties: false required: - id - dataSourceName - resourceName - rule - severity - fingerprint - projectId - createdAt - updatedAt - resourceType - dataSourceType - details additionalProperties: false title: GitLab required: - findings additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/findings/{findingId}: patch: operationId: updateSecretScanningFinding tags: - Secret Scanning description: Update the specified Secret Scanning Finding. requestBody: required: true content: application/json: schema: type: object properties: status: type: string enum: - resolved - unresolved - false-positive - ignore description: The updated status of the specified Secret Scanning Finding. remarks: type: string nullable: true description: Remarks pertaining to the status of this finding. additionalProperties: false parameters: - schema: type: string minLength: 1 in: path name: findingId required: true description: The ID of the Secret Scanning Finding to update. responses: '200': description: Default Response content: application/json: schema: type: object properties: finding: anyOf: - type: object properties: id: type: string format: uuid dataSourceName: type: string resourceName: type: string rule: type: string severity: type: string status: type: string default: unresolved remarks: type: string nullable: true fingerprint: type: string projectId: type: string scanId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time resourceType: type: string enum: - repository dataSourceType: type: string enum: - github details: type: object properties: description: type: string startLine: type: number endLine: type: number startColumn: type: number endColumn: type: number file: type: string link: type: string symlinkFile: type: string commit: type: string entropy: type: number author: type: string email: type: string date: type: string message: type: string tags: type: array items: type: string ruleID: type: string fingerprint: type: string required: - description - startLine - endLine - startColumn - endColumn - file - link - symlinkFile - commit - entropy - author - email - date - message - tags - ruleID - fingerprint additionalProperties: false required: - id - dataSourceName - resourceName - rule - severity - fingerprint - projectId - createdAt - updatedAt - resourceType - dataSourceType - details additionalProperties: false title: GitHub - type: object properties: id: type: string format: uuid dataSourceName: type: string resourceName: type: string rule: type: string severity: type: string status: type: string default: unresolved remarks: type: string nullable: true fingerprint: type: string projectId: type: string scanId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time resourceType: type: string enum: - repository dataSourceType: type: string enum: - bitbucket details: type: object properties: description: type: string startLine: type: number endLine: type: number startColumn: type: number endColumn: type: number file: type: string link: type: string symlinkFile: type: string commit: type: string entropy: type: number author: type: string email: type: string date: type: string message: type: string tags: type: array items: type: string ruleID: type: string fingerprint: type: string required: - description - startLine - endLine - startColumn - endColumn - file - link - symlinkFile - commit - entropy - author - email - date - message - tags - ruleID - fingerprint additionalProperties: false required: - id - dataSourceName - resourceName - rule - severity - fingerprint - projectId - createdAt - updatedAt - resourceType - dataSourceType - details additionalProperties: false title: Bitbucket - type: object properties: id: type: string format: uuid dataSourceName: type: string resourceName: type: string rule: type: string severity: type: string status: type: string default: unresolved remarks: type: string nullable: true fingerprint: type: string projectId: type: string scanId: type: string format: uuid nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time resourceType: type: string enum: - project dataSourceType: type: string enum: - gitlab details: type: object properties: description: type: string startLine: type: number endLine: type: number startColumn: type: number endColumn: type: number file: type: string link: type: string symlinkFile: type: string commit: type: string entropy: type: number author: type: string email: type: string date: type: string message: type: string tags: type: array items: type: string ruleID: type: string fingerprint: type: string required: - description - startLine - endLine - startColumn - endColumn - file - link - symlinkFile - commit - entropy - author - email - date - message - tags - ruleID - fingerprint additionalProperties: false required: - id - dataSourceName - resourceName - rule - severity - fingerprint - projectId - createdAt - updatedAt - resourceType - dataSourceType - details additionalProperties: false title: GitLab required: - finding additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/configs: get: operationId: getSecretScanningConfig tags: - Secret Scanning description: Get the Secret Scanning Config for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to retrieve the Secret Scanning Configuration for. responses: '200': description: Default Response content: application/json: schema: type: object properties: config: type: object properties: content: type: string nullable: true projectId: type: string updatedAt: type: string format: date-time nullable: true required: - projectId additionalProperties: false required: - config additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateSecretScanningConfig tags: - Secret Scanning description: Update the specified Secret Scanning Configuration. requestBody: required: true content: application/json: schema: type: object properties: content: type: string nullable: true description: The contents of the Secret Scanning Configuration file. required: - content additionalProperties: false parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to update the Secret Scanning Configuration for. responses: '200': description: Default Response content: application/json: schema: type: object properties: config: type: object properties: id: type: string format: uuid projectId: type: string content: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - createdAt - updatedAt additionalProperties: false required: - config additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/github: get: operationId: listGitHubDataSources tags: - Secret Scanning description: List the GitHub Data Sources for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list GitHub Data Sources from. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSources: type: array items: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - github connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - github-radar name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitHub required: - dataSources additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createGitHubDataSource tags: - Secret Scanning description: Create a GitHub Data Source for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the GitHub Data Source to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the GitHub Data Source in. description: type: string maxLength: 256 nullable: true description: An optional description for the GitHub Data Source. connectionId: type: string format: uuid description: The ID of the GitHub Radar Connection to use for this Data Source. isAutoScanEnabled: type: boolean default: true description: Whether scans should be automatically performed when a push occurs to repositories associated with this Data Source. config: type: object properties: includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). additionalProperties: false required: - name - projectId - connectionId - config additionalProperties: false title: GitHub responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - github connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - github-radar name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitHub required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/github/{dataSourceId}: get: operationId: getGitHubDataSource tags: - Secret Scanning description: Get the specified GitHub Data Source by ID. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the GitHub Data Source to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - github connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - github-radar name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitHub required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateGitHubDataSource tags: - Secret Scanning description: Update the specified GitHub Data Source. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the GitHub Data Source. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the GitHub Data Source. isAutoScanEnabled: type: boolean description: Whether scans should be automatically performed when a push occurs to repositories associated with this Data Source. config: type: object properties: includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). additionalProperties: false additionalProperties: false title: GitHub parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the GitHub Data Source to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - github connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - github-radar name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitHub required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteGitHubDataSource tags: - Secret Scanning description: Delete the specified GitHub Data Source. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the GitHub Data Source to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - github connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - github-radar name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitHub required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/github/data-source-name/{sourceName}: get: operationId: getGitHubDataSourceByName tags: - Secret Scanning description: Get the specified GitHub Data Source by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the GitHub Data Source is located in. - schema: type: string minLength: 1 in: path name: sourceName required: true description: The name of the GitHub Data Source to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - github connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - github-radar name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitHub required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/github/{dataSourceId}/scan: post: operationId: triggerGitHubDataSourceScan tags: - Secret Scanning description: Trigger a scan for the specified GitHub Data Source. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the GitHub Data Source to trigger a scan for. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - github connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - github-radar name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitHub required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/github/{dataSourceId}/resources/{resourceId}/scan: post: operationId: triggerGitHubDataSourceResourceScan tags: - Secret Scanning description: Trigger a scan for the specified GitHub Data Source resource. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the GitHub Data Source to trigger a scan for. - schema: type: string format: uuid in: path name: resourceId required: true description: The ID of the individual Data Source resource to trigger a scan for. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - github connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - github-radar name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitHub required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/github/{dataSourceId}/resources: get: operationId: listGitHubDataSourceResources tags: - Secret Scanning description: Get the resources associated with the specified GitHub Data Source by ID. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the GitHub Data Source to list resources from. responses: '200': description: Default Response content: application/json: schema: type: object properties: resources: type: array items: type: object properties: id: type: string format: uuid externalId: type: string name: type: string type: type: string dataSourceId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - externalId - name - type - dataSourceId - createdAt - updatedAt additionalProperties: false required: - resources additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/github/{dataSourceId}/scans: get: operationId: listGitHubDataSourceScans tags: - Secret Scanning description: Get the scans associated with the specified GitHub Data Source by ID. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the GitHub Data Source to list scans for. responses: '200': description: Default Response content: application/json: schema: type: object properties: scans: type: array items: type: object properties: id: type: string format: uuid status: type: string default: queued statusMessage: type: string nullable: true type: type: string resourceId: type: string format: uuid createdAt: type: string format: date-time nullable: true required: - id - type - resourceId additionalProperties: false required: - scans additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/bitbucket: get: operationId: listBitbucketDataSources tags: - Secret Scanning description: List the Bitbucket Data Sources for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list Bitbucket Data Sources from. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSources: type: array items: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - bitbucket connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: workspaceSlug: type: string minLength: 1 maxLength: 128 description: The workspace to scan. includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). required: - workspaceSlug additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: Bitbucket required: - dataSources additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createBitbucketDataSource tags: - Secret Scanning description: Create a Bitbucket Data Source for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the Bitbucket Data Source to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the Bitbucket Data Source in. description: type: string maxLength: 256 nullable: true description: An optional description for the Bitbucket Data Source. connectionId: type: string format: uuid description: The ID of the Bitbucket Connection to use for this Data Source. isAutoScanEnabled: type: boolean default: true description: Whether scans should be automatically performed when a push occurs to repositories associated with this Data Source. config: type: object properties: workspaceSlug: type: string minLength: 1 maxLength: 128 description: The workspace to scan. includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). required: - workspaceSlug additionalProperties: false required: - name - projectId - connectionId - config additionalProperties: false title: Bitbucket responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - bitbucket connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: workspaceSlug: type: string minLength: 1 maxLength: 128 description: The workspace to scan. includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). required: - workspaceSlug additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: Bitbucket required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/bitbucket/{dataSourceId}: get: operationId: getBitbucketDataSource tags: - Secret Scanning description: Get the specified Bitbucket Data Source by ID. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the Bitbucket Data Source to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - bitbucket connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: workspaceSlug: type: string minLength: 1 maxLength: 128 description: The workspace to scan. includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). required: - workspaceSlug additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: Bitbucket required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateBitbucketDataSource tags: - Secret Scanning description: Update the specified Bitbucket Data Source. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the Bitbucket Data Source. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the Bitbucket Data Source. isAutoScanEnabled: type: boolean description: Whether scans should be automatically performed when a push occurs to repositories associated with this Data Source. config: type: object properties: workspaceSlug: type: string minLength: 1 maxLength: 128 description: The workspace to scan. includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). required: - workspaceSlug additionalProperties: false additionalProperties: false title: Bitbucket parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the Bitbucket Data Source to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - bitbucket connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: workspaceSlug: type: string minLength: 1 maxLength: 128 description: The workspace to scan. includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). required: - workspaceSlug additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: Bitbucket required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteBitbucketDataSource tags: - Secret Scanning description: Delete the specified Bitbucket Data Source. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the Bitbucket Data Source to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - bitbucket connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: workspaceSlug: type: string minLength: 1 maxLength: 128 description: The workspace to scan. includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). required: - workspaceSlug additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: Bitbucket required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/bitbucket/data-source-name/{sourceName}: get: operationId: getBitbucketDataSourceByName tags: - Secret Scanning description: Get the specified Bitbucket Data Source by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the Bitbucket Data Source is located in. - schema: type: string minLength: 1 in: path name: sourceName required: true description: The name of the Bitbucket Data Source to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - bitbucket connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: workspaceSlug: type: string minLength: 1 maxLength: 128 description: The workspace to scan. includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). required: - workspaceSlug additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: Bitbucket required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/bitbucket/{dataSourceId}/scan: post: operationId: triggerBitbucketDataSourceScan tags: - Secret Scanning description: Trigger a scan for the specified Bitbucket Data Source. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the Bitbucket Data Source to trigger a scan for. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - bitbucket connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: workspaceSlug: type: string minLength: 1 maxLength: 128 description: The workspace to scan. includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). required: - workspaceSlug additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: Bitbucket required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/bitbucket/{dataSourceId}/resources/{resourceId}/scan: post: operationId: triggerBitbucketDataSourceResourceScan tags: - Secret Scanning description: Trigger a scan for the specified Bitbucket Data Source resource. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the Bitbucket Data Source to trigger a scan for. - schema: type: string format: uuid in: path name: resourceId required: true description: The ID of the individual Data Source resource to trigger a scan for. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - bitbucket connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - bitbucket name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: type: object properties: workspaceSlug: type: string minLength: 1 maxLength: 128 description: The workspace to scan. includeRepos: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The repositories to include when scanning. Defaults to all repositories (["*"]). required: - workspaceSlug additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: Bitbucket required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/bitbucket/{dataSourceId}/resources: get: operationId: listBitbucketDataSourceResources tags: - Secret Scanning description: Get the resources associated with the specified Bitbucket Data Source by ID. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the Bitbucket Data Source to list resources from. responses: '200': description: Default Response content: application/json: schema: type: object properties: resources: type: array items: type: object properties: id: type: string format: uuid externalId: type: string name: type: string type: type: string dataSourceId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - externalId - name - type - dataSourceId - createdAt - updatedAt additionalProperties: false required: - resources additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/bitbucket/{dataSourceId}/scans: get: operationId: listBitbucketDataSourceScans tags: - Secret Scanning description: Get the scans associated with the specified Bitbucket Data Source by ID. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the Bitbucket Data Source to list scans for. responses: '200': description: Default Response content: application/json: schema: type: object properties: scans: type: array items: type: object properties: id: type: string format: uuid status: type: string default: queued statusMessage: type: string nullable: true type: type: string resourceId: type: string format: uuid createdAt: type: string format: date-time nullable: true required: - id - type - resourceId additionalProperties: false required: - scans additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/gitlab: get: operationId: listGitLabDataSources tags: - Secret Scanning description: List the GitLab Data Sources for the specified project. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project to list GitLab Data Sources from. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSources: type: array items: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - gitlab connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: anyOf: - type: object properties: scope: type: string enum: - group description: The GitLab scope scanning should occur at (project or group level). groupId: type: number description: The ID of the group to scan projects from. groupName: type: string maxLength: 256 description: The name of the group to scan projects from. includeProjects: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The projects to include when scanning. Defaults to all projects (["*"]). required: - scope - groupId additionalProperties: false - type: object properties: scope: type: string enum: - project description: The GitLab scope scanning should occur at (project or group level). projectName: type: string maxLength: 256 description: The name of the project to scan. projectId: type: number description: The ID of the project to scan. required: - scope - projectId additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitLab required: - dataSources additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createGitLabDataSource tags: - Secret Scanning description: Create a GitLab Data Source for the specified project. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The name of the GitLab Data Source to create. Must be slug-friendly. projectId: type: string minLength: 1 description: The ID of the project to create the GitLab Data Source in. description: type: string maxLength: 256 nullable: true description: An optional description for the GitLab Data Source. connectionId: type: string format: uuid description: The ID of the GitLab Connection to use for this Data Source. isAutoScanEnabled: type: boolean default: true description: Whether scans should be automatically performed when a push occurs to projects associated with this Data Source. config: anyOf: - type: object properties: scope: type: string enum: - group description: The GitLab scope scanning should occur at (project or group level). groupId: type: number description: The ID of the group to scan projects from. groupName: type: string maxLength: 256 description: The name of the group to scan projects from. includeProjects: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The projects to include when scanning. Defaults to all projects (["*"]). required: - scope - groupId additionalProperties: false - type: object properties: scope: type: string enum: - project description: The GitLab scope scanning should occur at (project or group level). projectName: type: string maxLength: 256 description: The name of the project to scan. projectId: type: number description: The ID of the project to scan. required: - scope - projectId additionalProperties: false required: - name - projectId - connectionId - config additionalProperties: false title: GitLab responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - gitlab connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: anyOf: - type: object properties: scope: type: string enum: - group description: The GitLab scope scanning should occur at (project or group level). groupId: type: number description: The ID of the group to scan projects from. groupName: type: string maxLength: 256 description: The name of the group to scan projects from. includeProjects: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The projects to include when scanning. Defaults to all projects (["*"]). required: - scope - groupId additionalProperties: false - type: object properties: scope: type: string enum: - project description: The GitLab scope scanning should occur at (project or group level). projectName: type: string maxLength: 256 description: The name of the project to scan. projectId: type: number description: The ID of the project to scan. required: - scope - projectId additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitLab required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/gitlab/{dataSourceId}: get: operationId: getGitLabDataSource tags: - Secret Scanning description: Get the specified GitLab Data Source by ID. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the GitLab Data Source to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - gitlab connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: anyOf: - type: object properties: scope: type: string enum: - group description: The GitLab scope scanning should occur at (project or group level). groupId: type: number description: The ID of the group to scan projects from. groupName: type: string maxLength: 256 description: The name of the group to scan projects from. includeProjects: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The projects to include when scanning. Defaults to all projects (["*"]). required: - scope - groupId additionalProperties: false - type: object properties: scope: type: string enum: - project description: The GitLab scope scanning should occur at (project or group level). projectName: type: string maxLength: 256 description: The name of the project to scan. projectId: type: number description: The ID of the project to scan. required: - scope - projectId additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitLab required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateGitLabDataSource tags: - Secret Scanning description: Update the specified GitLab Data Source. requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 description: The updated name of the GitLab Data Source. Must be slug-friendly. description: type: string maxLength: 256 nullable: true description: The updated description of the GitLab Data Source. isAutoScanEnabled: type: boolean description: Whether scans should be automatically performed when a push occurs to projects associated with this Data Source. config: anyOf: - type: object properties: scope: type: string enum: - group description: The GitLab scope scanning should occur at (project or group level). groupId: type: number description: The ID of the group to scan projects from. groupName: type: string maxLength: 256 description: The name of the group to scan projects from. includeProjects: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The projects to include when scanning. Defaults to all projects (["*"]). required: - scope - groupId additionalProperties: false - type: object properties: scope: type: string enum: - project description: The GitLab scope scanning should occur at (project or group level). projectName: type: string maxLength: 256 description: The name of the project to scan. projectId: type: number description: The ID of the project to scan. required: - scope - projectId additionalProperties: false additionalProperties: false title: GitLab parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the GitLab Data Source to be updated. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - gitlab connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: anyOf: - type: object properties: scope: type: string enum: - group description: The GitLab scope scanning should occur at (project or group level). groupId: type: number description: The ID of the group to scan projects from. groupName: type: string maxLength: 256 description: The name of the group to scan projects from. includeProjects: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The projects to include when scanning. Defaults to all projects (["*"]). required: - scope - groupId additionalProperties: false - type: object properties: scope: type: string enum: - project description: The GitLab scope scanning should occur at (project or group level). projectName: type: string maxLength: 256 description: The name of the project to scan. projectId: type: number description: The ID of the project to scan. required: - scope - projectId additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitLab required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteGitLabDataSource tags: - Secret Scanning description: Delete the specified GitLab Data Source. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the GitLab Data Source to be deleted. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - gitlab connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: anyOf: - type: object properties: scope: type: string enum: - group description: The GitLab scope scanning should occur at (project or group level). groupId: type: number description: The ID of the group to scan projects from. groupName: type: string maxLength: 256 description: The name of the group to scan projects from. includeProjects: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The projects to include when scanning. Defaults to all projects (["*"]). required: - scope - groupId additionalProperties: false - type: object properties: scope: type: string enum: - project description: The GitLab scope scanning should occur at (project or group level). projectName: type: string maxLength: 256 description: The name of the project to scan. projectId: type: number description: The ID of the project to scan. required: - scope - projectId additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitLab required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/gitlab/data-source-name/{sourceName}: get: operationId: getGitLabDataSourceByName tags: - Secret Scanning description: Get the specified GitLab Data Source by name and project ID. parameters: - schema: type: string minLength: 1 in: query name: projectId required: true description: The ID of the project the GitLab Data Source is located in. - schema: type: string minLength: 1 in: path name: sourceName required: true description: The name of the GitLab Data Source to retrieve. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - gitlab connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: anyOf: - type: object properties: scope: type: string enum: - group description: The GitLab scope scanning should occur at (project or group level). groupId: type: number description: The ID of the group to scan projects from. groupName: type: string maxLength: 256 description: The name of the group to scan projects from. includeProjects: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The projects to include when scanning. Defaults to all projects (["*"]). required: - scope - groupId additionalProperties: false - type: object properties: scope: type: string enum: - project description: The GitLab scope scanning should occur at (project or group level). projectName: type: string maxLength: 256 description: The name of the project to scan. projectId: type: number description: The ID of the project to scan. required: - scope - projectId additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitLab required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/gitlab/{dataSourceId}/scan: post: operationId: triggerGitLabDataSourceScan tags: - Secret Scanning description: Trigger a scan for the specified GitLab Data Source. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the GitLab Data Source to trigger a scan for. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - gitlab connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: anyOf: - type: object properties: scope: type: string enum: - group description: The GitLab scope scanning should occur at (project or group level). groupId: type: number description: The ID of the group to scan projects from. groupName: type: string maxLength: 256 description: The name of the group to scan projects from. includeProjects: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The projects to include when scanning. Defaults to all projects (["*"]). required: - scope - groupId additionalProperties: false - type: object properties: scope: type: string enum: - project description: The GitLab scope scanning should occur at (project or group level). projectName: type: string maxLength: 256 description: The name of the project to scan. projectId: type: number description: The ID of the project to scan. required: - scope - projectId additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitLab required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/gitlab/{dataSourceId}/resources/{resourceId}/scan: post: operationId: triggerGitLabDataSourceResourceScan tags: - Secret Scanning description: Trigger a scan for the specified GitLab Data Source resource. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the GitLab Data Source to trigger a scan for. - schema: type: string format: uuid in: path name: resourceId required: true description: The ID of the individual Data Source resource to trigger a scan for. responses: '200': description: Default Response content: application/json: schema: type: object properties: dataSource: type: object properties: id: type: string format: uuid externalId: type: string nullable: true name: type: string description: type: string nullable: true encryptedCredentials: nullable: true isAutoScanEnabled: type: boolean default: true nullable: true projectId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time isDisconnected: type: boolean default: false type: type: string enum: - gitlab connectionId: type: string format: uuid connection: type: object properties: app: type: string enum: - gitlab name: type: string id: type: string format: uuid required: - app - name - id additionalProperties: false config: anyOf: - type: object properties: scope: type: string enum: - group description: The GitLab scope scanning should occur at (project or group level). groupId: type: number description: The ID of the group to scan projects from. groupName: type: string maxLength: 256 description: The name of the group to scan projects from. includeProjects: type: array items: type: string minLength: 1 maxLength: 256 minItems: 1 maxItems: 100 default: - '*' description: The projects to include when scanning. Defaults to all projects (["*"]). required: - scope - groupId additionalProperties: false - type: object properties: scope: type: string enum: - project description: The GitLab scope scanning should occur at (project or group level). projectName: type: string maxLength: 256 description: The name of the project to scan. projectId: type: number description: The ID of the project to scan. required: - scope - projectId additionalProperties: false required: - id - name - projectId - createdAt - updatedAt - type - connectionId - connection - config additionalProperties: false title: GitLab required: - dataSource additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/gitlab/{dataSourceId}/resources: get: operationId: listGitLabDataSourceResources tags: - Secret Scanning description: Get the resources associated with the specified GitLab Data Source by ID. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the GitLab Data Source to list resources from. responses: '200': description: Default Response content: application/json: schema: type: object properties: resources: type: array items: type: object properties: id: type: string format: uuid externalId: type: string name: type: string type: type: string dataSourceId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - externalId - name - type - dataSourceId - createdAt - updatedAt additionalProperties: false required: - resources additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-scanning/data-sources/gitlab/{dataSourceId}/scans: get: operationId: listGitLabDataSourceScans tags: - Secret Scanning description: Get the scans associated with the specified GitLab Data Source by ID. parameters: - schema: type: string format: uuid in: path name: dataSourceId required: true description: The ID of the GitLab Data Source to list scans for. responses: '200': description: Default Response content: application/json: schema: type: object properties: scans: type: array items: type: object properties: id: type: string format: uuid status: type: string default: queued statusMessage: type: string nullable: true type: type: string resourceId: type: string format: uuid createdAt: type: string format: date-time nullable: true required: - id - type - resourceId additionalProperties: false required: - scans additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/service-token: get: operationId: getServiceToken tags: - Service Tokens description: Return Infisical Token data security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string name: type: string scopes: {} permissions: type: array items: type: string lastUsed: type: string format: date-time nullable: true expiresAt: type: string format: date-time nullable: true secretHash: type: string encryptedKey: type: string nullable: true iv: type: string nullable: true tag: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time createdBy: type: string projectId: type: string expiryNotificationSent: type: boolean default: false nullable: true workspace: type: string user: type: object properties: authMethods: type: array items: type: string nullable: true id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time devices: nullable: true email: type: string nullable: true firstName: type: string nullable: true lastName: type: string nullable: true mfaMethods: type: array items: type: string nullable: true __v: type: number default: 0 _id: type: string required: - id - createdAt - updatedAt - _id additionalProperties: false _id: type: string __v: type: number default: 0 required: - id - name - permissions - secretHash - createdAt - updatedAt - createdBy - projectId - workspace - user - _id additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/pki/ca: get: operationId: listCertificateAuthoritiesV2 tags: - PKI Certificate Authorities description: Get Certificate Authorities responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateAuthorities: type: array items: anyOf: - type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - internal configuration: type: object properties: type: type: string enum: - root - intermediate description: The type of CA to create. friendlyName: type: string description: A friendly name for the CA. commonName: type: string default: '' description: The common name (CN) for the CA. organization: type: string default: '' description: The organization (O) for the CA. ou: type: string default: '' description: The organization unit (OU) for the CA. country: type: string default: '' description: The country name (C) for the CA. province: type: string default: '' description: The state of province name for the CA. locality: type: string default: '' description: The locality name for the CA. notBefore: type: string description: The date and time when the CA becomes valid in YYYY-MM-DDTHH:mm:ss.sssZ format. notAfter: type: string description: The date and time when the CA expires in YYYY-MM-DDTHH:mm:ss.sssZ format. maxPathLength: type: number minimum: -1 nullable: true description: The maximum number of intermediate CAs that may follow this CA in the certificate / CA chain. A maxPathLength of -1 implies no path limit on the chain. keyAlgorithm: type: string enum: - RSA_2048 - RSA_3072 - RSA_4096 - EC_prime256v1 - EC_secp384r1 - EC_secp521r1 - ML-DSA-44 - ML-DSA-65 - ML-DSA-87 - SLH-DSA-SHA2-128f - SLH-DSA-SHA2-128s - SLH-DSA-SHA2-192f - SLH-DSA-SHA2-192s - SLH-DSA-SHA2-256f - SLH-DSA-SHA2-256s - SLH-DSA-SHAKE-128f - SLH-DSA-SHAKE-128s - SLH-DSA-SHAKE-192f - SLH-DSA-SHAKE-192s - SLH-DSA-SHAKE-256f - SLH-DSA-SHAKE-256s description: The type of public key algorithm and size, in bits, of the key pair for the CA; when you create an intermediate CA, you must use a key algorithm supported by the parent CA. dn: type: string nullable: true parentCaId: type: string format: uuid nullable: true serialNumber: type: string nullable: true activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string maxLength: 2048 format: uri maxItems: 4 description: Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is included by default unless disabled. disableManagedCrlDistributionPointUrl: type: boolean default: false description: When set to true, the Infisical-managed CRL endpoint URL will not be embedded in certificates issued by this CA. Only custom CRL Distribution Point URLs (if any) will be included. required: - type - keyAlgorithm additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false - type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - acme configuration: type: object properties: dnsAppConnectionId: type: string format: uuid description: The ID of the App Connection to use for creating and managing DNS TXT records required for ACME domain validation. This connection must have permissions to create and delete TXT records in your DNS provider (e.g., Route53) for the ACME challenge process. dnsProviderConfig: type: object properties: provider: type: string enum: - route53 - cloudflare - dns-made-easy - azure-dns description: The DNS provider for the ACME Certificate Authority. hostedZoneId: type: string minLength: 1 description: The hosted zone ID for the ACME Certificate Authority. required: - provider - hostedZoneId additionalProperties: false directoryUrl: type: string format: uri minLength: 1 description: The directory URL for the ACME Certificate Authority. accountEmail: type: string minLength: 1 description: The email address for the ACME Certificate Authority. eabKid: type: string maxLength: 64 description: The External Account Binding (EAB) Key ID for the ACME Certificate Authority. Required if the ACME provider uses EAB. dnsResolver: type: string anyOf: - format: ipv4 - format: ipv6 description: An optional custom DNS resolver IP address to use for verifying DNS propagation during ACME challenges. Must be a valid IP address (e.g. 8.8.8.8). When not set, the system default DNS resolver is used. required: - dnsAppConnectionId - dnsProviderConfig - directoryUrl - accountEmail additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false - type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - azure-ad-cs configuration: type: object properties: azureAdcsConnectionId: type: string format: uuid description: Azure ADCS Connection ID required: - azureAdcsConnectionId additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false - type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - aws-pca configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Private Certificate Authority (PCA). This connection must have permissions to issue, get, and revoke certificates from the specified PCA. certificateAuthorityArn: type: string minLength: 1 description: The ARN of the AWS Private Certificate Authority to use for issuing certificates. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region where the Private Certificate Authority is located. required: - appConnectionId - certificateAuthorityArn - region additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false - type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - digicert configuration: type: object properties: appConnectionId: type: string format: uuid description: DigiCert App Connection ID organizationId: type: integer exclusiveMinimum: true minimum: 0 description: CertCentral Organization ID that will be listed on issued certificates productNameId: type: string minLength: 1 description: The DigiCert product name_id used for issuance (e.g. ssl_plus, ssl_ev_plus). Fetch available products from GET /app-connections/digicert/:id/products. required: - appConnectionId - organizationId - productNameId additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false - type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - godaddy configuration: type: object properties: appConnectionId: type: string format: uuid description: GoDaddy App Connection ID productType: type: string enum: - DV_SSL description: The GoDaddy DV product used for issuance (DV_SSL for a single domain) required: - appConnectionId - productType additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false - type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - aws-acm-public-ca configuration: type: object properties: appConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for authenticating with AWS Certificate Manager (ACM). This connection must have permissions to request, describe, export, renew, and delete certificates. dnsAppConnectionId: type: string format: uuid description: The ID of the AWS App Connection to use for creating and managing Route 53 CNAME records required for ACM domain validation. hostedZoneId: type: string minLength: 1 description: The Route 53 hosted zone ID to use for ACM DNS validation CNAME records. region: type: string enum: - us-east-1 - us-east-2 - us-west-1 - us-west-2 - us-gov-east-1 - us-gov-west-1 - af-south-1 - ap-east-1 - ap-south-1 - ap-south-2 - ap-northeast-1 - ap-northeast-2 - ap-northeast-3 - ap-southeast-1 - ap-southeast-2 - ap-southeast-3 - ap-southeast-4 - ca-central-1 - eu-central-1 - eu-central-2 - eu-west-1 - eu-west-2 - eu-west-3 - eu-south-1 - eu-south-2 - eu-north-1 - me-south-1 - me-central-1 - sa-east-1 description: The AWS region to use for the ACM API calls. required: - appConnectionId - dnsAppConnectionId - hostedZoneId - region additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false - type: object properties: projectId: type: string enableDirectIssuance: type: boolean default: true name: type: string id: type: string format: uuid status: type: string enum: - active - disabled - pending-certificate type: type: string enum: - venafi-tpp configuration: type: object properties: appConnectionId: type: string format: uuid description: The Venafi TPP App Connection ID. policyDN: type: string minLength: 1 description: The policy folder DN in Venafi TPP (e.g., '\\VED\\Policy\\Certificates'). required: - appConnectionId - policyDN additionalProperties: false required: - projectId - name - id - status - type - configuration additionalProperties: false required: - certificateAuthorities additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/pki/certificate-templates: post: operationId: createPkiTemplate tags: - PKI Certificate Templates requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 caName: type: string minLength: 1 maxLength: 64 projectId: type: string commonName: type: string minLength: 1 maxLength: 100 subjectAlternativeName: type: string minLength: 1 maxLength: 100 ttl: type: string keyUsages: type: array items: type: string enum: - digitalSignature - keyEncipherment - nonRepudiation - dataEncipherment - keyAgreement - keyCertSign - cRLSign - encipherOnly - decipherOnly default: - digitalSignature - keyEncipherment extendedKeyUsages: type: array items: type: string enum: - clientAuth - serverAuth - codeSigning - emailProtection - timeStamping - ocspSigning default: [] required: - name - caName - projectId - commonName - subjectAlternativeName - ttl additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateTemplate: type: object properties: id: type: string format: uuid caId: type: string format: uuid pkiCollectionId: type: string format: uuid nullable: true name: type: string commonName: type: string subjectAlternativeName: type: string ttl: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true required: - id - caId - name - commonName - subjectAlternativeName - ttl - createdAt - updatedAt additionalProperties: false required: - certificateTemplate additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listPkiTemplates tags: - PKI Certificate Templates parameters: - schema: type: string in: query name: projectId required: true - schema: type: number default: 100 in: query name: limit required: false - schema: type: number default: 0 in: query name: offset required: false responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateTemplates: type: array items: type: object properties: id: type: string format: uuid caId: type: string format: uuid pkiCollectionId: type: string format: uuid nullable: true name: type: string commonName: type: string subjectAlternativeName: type: string ttl: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true ca: type: object properties: id: type: string name: type: string required: - id - name additionalProperties: false required: - id - caId - name - commonName - subjectAlternativeName - ttl - createdAt - updatedAt - ca additionalProperties: false totalCount: type: number required: - certificateTemplates - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/pki/certificate-templates/{templateName}: patch: operationId: updatePkiTemplate tags: - PKI Certificate Templates requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 64 caName: type: string minLength: 1 maxLength: 64 projectId: type: string commonName: type: string minLength: 1 maxLength: 100 subjectAlternativeName: type: string minLength: 1 maxLength: 100 ttl: type: string keyUsages: type: array items: type: string enum: - digitalSignature - keyEncipherment - nonRepudiation - dataEncipherment - keyAgreement - keyCertSign - cRLSign - encipherOnly - decipherOnly default: - digitalSignature - keyEncipherment extendedKeyUsages: type: array items: type: string enum: - clientAuth - serverAuth - codeSigning - emailProtection - timeStamping - ocspSigning default: [] required: - caName - projectId additionalProperties: false parameters: - schema: type: string minLength: 1 maxLength: 64 in: path name: templateName required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateTemplate: type: object properties: id: type: string format: uuid caId: type: string format: uuid pkiCollectionId: type: string format: uuid nullable: true name: type: string commonName: type: string subjectAlternativeName: type: string ttl: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true required: - id - caId - name - commonName - subjectAlternativeName - ttl - createdAt - updatedAt additionalProperties: false required: - certificateTemplate additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deletePkiTemplate tags: - PKI Certificate Templates requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string required: - projectId additionalProperties: false parameters: - schema: type: string minLength: 1 in: path name: templateName required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateTemplate: type: object properties: id: type: string format: uuid caId: type: string format: uuid pkiCollectionId: type: string format: uuid nullable: true name: type: string commonName: type: string subjectAlternativeName: type: string ttl: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true required: - id - caId - name - commonName - subjectAlternativeName - ttl - createdAt - updatedAt additionalProperties: false required: - certificateTemplate additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getPkiTemplate tags: - PKI Certificate Templates parameters: - schema: type: string in: query name: projectId required: true - schema: type: string minLength: 1 maxLength: 64 in: path name: templateName required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateTemplate: type: object properties: id: type: string format: uuid caId: type: string format: uuid pkiCollectionId: type: string format: uuid nullable: true name: type: string commonName: type: string subjectAlternativeName: type: string ttl: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true ca: type: object properties: id: type: string name: type: string required: - id - name additionalProperties: false required: - id - caId - name - commonName - subjectAlternativeName - ttl - createdAt - updatedAt - ca additionalProperties: false required: - certificateTemplate additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/pki/certificate-templates/{templateName}/issue-certificate: post: operationId: issueCertificateFromTemplate tags: - PKI Certificate Templates requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string commonName: type: string minLength: 1 maxLength: 100 ttl: type: string keyUsages: type: array items: type: string enum: - digitalSignature - keyEncipherment - nonRepudiation - dataEncipherment - keyAgreement - keyCertSign - cRLSign - encipherOnly - decipherOnly extendedKeyUsages: type: array items: type: string enum: - clientAuth - serverAuth - codeSigning - emailProtection - timeStamping - ocspSigning notBefore: type: string notAfter: type: string altNames: type: string default: '' required: - projectId - commonName - ttl additionalProperties: false parameters: - schema: type: string minLength: 1 maxLength: 64 in: path name: templateName required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string issuingCaCertificate: type: string certificateChain: type: string privateKey: type: string serialNumber: type: string required: - certificate - issuingCaCertificate - certificateChain - privateKey - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/pki/certificate-templates/{templateName}/sign-certificate: post: operationId: signCertificateFromTemplate tags: - PKI Certificate Templates requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string ttl: type: string csr: type: string minLength: 1 maxLength: 4096 required: - projectId - ttl - csr additionalProperties: false parameters: - schema: type: string minLength: 1 maxLength: 64 in: path name: templateName required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string issuingCaCertificate: type: string certificateChain: type: string serialNumber: type: string required: - certificate - issuingCaCertificate - certificateChain - serialNumber additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/organizations/{organizationId}/memberships: get: operationId: listOrgMemberships tags: - Organizations description: Return organization user memberships parameters: - schema: type: string in: path name: organizationId required: true description: The ID of the organization to get memberships from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: users: type: array items: type: object properties: id: type: string format: uuid role: type: string status: type: string default: invited inviteEmail: type: string nullable: true userId: type: string format: uuid nullable: true orgId: type: string format: uuid roleId: type: string format: uuid nullable: true projectFavorites: type: array items: type: string nullable: true isActive: type: boolean default: true lastInvitedAt: type: string format: date-time nullable: true lastLoginAuthMethod: type: string nullable: true lastLoginTime: type: string format: date-time nullable: true user: type: object properties: username: type: string email: type: string nullable: true isEmailVerified: type: boolean default: false nullable: true firstName: type: string nullable: true lastName: type: string nullable: true authMethods: type: array items: type: string nullable: true id: type: string format: uuid publicKey: type: string nullable: true required: - username - id additionalProperties: false required: - id - role - orgId - user additionalProperties: false required: - users additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: bulkDeleteOrgMemberships tags: - Organizations description: Bulk delete organization user memberships requestBody: required: true content: application/json: schema: type: object properties: membershipIds: type: array items: type: string description: The IDs of the memberships to delete. required: - membershipIds additionalProperties: false parameters: - schema: type: string in: path name: organizationId required: true description: The ID of the organization to delete the memberships from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: id: type: string format: uuid role: type: string status: type: string default: invited inviteEmail: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time userId: type: string format: uuid nullable: true orgId: type: string format: uuid roleId: type: string format: uuid nullable: true projectFavorites: type: array items: type: string nullable: true isActive: type: boolean default: true lastInvitedAt: type: string format: date-time nullable: true lastLoginAuthMethod: type: string nullable: true lastLoginTime: type: string format: date-time nullable: true required: - id - role - createdAt - updatedAt - orgId additionalProperties: false required: - memberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/organizations/{organizationId}/workspaces: get: operationId: listOrgProjects tags: - Organizations description: Return projects in organization that user is apart of parameters: - schema: type: string in: path name: organizationId required: true description: The ID of the organization to get projects from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: workspaces: type: array items: type: object properties: id: type: string name: type: string slug: type: string organization: type: string environments: type: array items: type: object properties: name: type: string slug: type: string required: - name - slug additionalProperties: false required: - id - name - slug - organization - environments additionalProperties: false required: - workspaces additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/organizations/{organizationId}/memberships/{membershipId}: patch: operationId: updateOrgMembership tags: - Organizations description: Update organization user memberships requestBody: required: true content: application/json: schema: type: object properties: role: type: string description: The new role of the membership. isActive: type: boolean description: The active status of the membership metadata: type: array items: type: object properties: key: type: string minLength: 1 description: The key for user metadata tag. value: type: string minLength: 1 description: The value for user metadata tag. required: - key - value additionalProperties: false additionalProperties: false parameters: - schema: type: string in: path name: organizationId required: true description: The ID of the organization to update the membership for. - schema: type: string in: path name: membershipId required: true description: The ID of the membership to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: membership: type: object properties: id: type: string format: uuid role: type: string status: type: string default: invited inviteEmail: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time userId: type: string format: uuid nullable: true orgId: type: string format: uuid roleId: type: string format: uuid nullable: true projectFavorites: type: array items: type: string nullable: true isActive: type: boolean default: true lastInvitedAt: type: string format: date-time nullable: true lastLoginAuthMethod: type: string nullable: true lastLoginTime: type: string format: date-time nullable: true required: - id - role - createdAt - updatedAt - orgId additionalProperties: false required: - membership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteOrgMembership tags: - Organizations description: Delete organization user memberships parameters: - schema: type: string in: path name: organizationId required: true description: The ID of the organization to delete the membership from. - schema: type: string in: path name: membershipId required: true description: The ID of the membership to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: membership: type: object properties: id: type: string format: uuid role: type: string status: type: string default: invited inviteEmail: type: string nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time userId: type: string format: uuid nullable: true orgId: type: string format: uuid roleId: type: string format: uuid nullable: true projectFavorites: type: array items: type: string nullable: true isActive: type: boolean default: true lastInvitedAt: type: string format: date-time nullable: true lastLoginAuthMethod: type: string nullable: true lastLoginTime: type: string format: date-time nullable: true required: - id - role - createdAt - updatedAt - orgId additionalProperties: false required: - membership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/organizations/{orgId}/identity-memberships: get: operationId: listOrgIdentityMemberships tags: - Organizations description: Return organization identity memberships parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th identity membership. - schema: type: number minimum: 1 maximum: 20000 default: 100 in: query name: limit required: false description: The number of identity memberships to return. - schema: type: string enum: - name - role default: name in: query name: orderBy required: false description: The column to order identity memberships by. - schema: type: string enum: - asc - desc default: asc in: query name: orderDirection required: false description: The direction identity memberships will be sorted in. - schema: type: string in: query name: search required: false description: The text string that identity membership names will be filtered by. - schema: type: string in: path name: orgId required: true description: The ID of the organization to get identity memberships from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityMemberships: type: array items: type: object properties: id: type: string format: uuid role: type: string roleId: type: string format: uuid nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time identityId: type: string format: uuid lastLoginAuthMethod: type: string nullable: true lastLoginTime: type: string format: date-time nullable: true customRole: type: object properties: id: type: string format: uuid name: type: string slug: type: string permissions: {} description: type: string nullable: true required: - id - name - slug additionalProperties: false identity: type: object properties: name: type: string id: type: string format: uuid orgId: type: string format: uuid authMethods: type: array items: type: string required: - name - id - orgId - authMethods additionalProperties: false required: - id - role - orgId - createdAt - updatedAt - identityId - identity additionalProperties: false totalCount: type: number required: - identityMemberships - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/identities/search: post: operationId: searchMachineIdentitiesV2 tags: - Identities description: Search machine identities across organization and/or project scopes. Returns identities the caller has access to, each annotated with all roles assigned to that membership. requestBody: required: true content: application/json: schema: type: object properties: scope: type: array items: type: string enum: - organization - project minItems: 1 default: - organization description: Array of scopes to search across. Accepts 'organization' to include organization-level identities and/or 'project' to include identities from projects the caller has access to. Defaults to ['organization']. orderBy: type: string enum: - name - role - lastLogin default: name description: The column to order identities by. orderDirection: type: string enum: - asc - desc default: asc description: The direction to order identities in. limit: type: integer minimum: 1 maximum: 100 default: 50 description: The number of identities to return. offset: type: integer minimum: 0 default: 0 description: The offset to start from. If you enter 10, it will start from the 10th identity. search: type: object properties: name: anyOf: - type: string maxLength: 255 - type: object properties: $eq: type: string maxLength: 255 $contains: type: string maxLength: 255 $in: type: array items: type: string maxLength: 255 additionalProperties: false description: The name of the identity to filter by. role: anyOf: - type: string maxLength: 255 - type: object properties: $eq: type: string maxLength: 255 $contains: type: string maxLength: 255 $in: type: array items: type: string maxLength: 255 additionalProperties: false description: The role to filter by. Matches against the role name or slug for custom roles and the role type for predefined roles. $or: type: array items: type: object properties: name: anyOf: - type: string maxLength: 255 - type: object properties: $eq: type: string maxLength: 255 $contains: type: string maxLength: 255 $in: type: array items: type: string maxLength: 255 additionalProperties: false description: The name of the identity to filter by. role: anyOf: - type: string maxLength: 255 - type: object properties: $eq: type: string maxLength: 255 $contains: type: string maxLength: 255 $in: type: array items: type: string maxLength: 255 additionalProperties: false description: The role to filter by. Matches against the role name or slug for custom roles and the role type for predefined roles. additionalProperties: false description: The filters to apply to the search. maxItems: 5 additionalProperties: false description: The filters to apply to the search. additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identities: type: array items: type: object properties: id: type: string identityId: type: string scope: type: string enum: - organization - project orgId: type: string projectId: type: string nullable: true project: type: object properties: id: type: string name: type: string slug: type: string type: type: string required: - id - name - slug - type additionalProperties: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time lastLoginAuthMethod: type: string nullable: true lastLoginTime: type: string format: date-time nullable: true roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true customRoleDescription: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false identity: type: object properties: name: type: string id: type: string format: uuid hasDeleteProtection: type: boolean default: false orgId: type: string format: uuid authMethods: type: array items: type: string activeLockoutAuthMethods: type: array items: type: string required: - name - id - orgId - authMethods - activeLockoutAuthMethods additionalProperties: false required: - id - identityId - scope - orgId - createdAt - updatedAt - roles - identity additionalProperties: false totalCount: type: number required: - identities - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/identities/search/count: post: operationId: countMachineIdentitiesV2 tags: - Identities description: Return per-scope counts of machine identities matching the given search filter. The response contains a count for every scope passed in the request body (zero when the caller has no access to that scope). requestBody: required: true content: application/json: schema: type: object properties: scope: type: array items: type: string enum: - organization - project minItems: 1 default: - organization - project description: Array of scopes to count. Returns a count for each requested scope. Accepts 'organization' and/or 'project'. search: type: object properties: name: anyOf: - type: string maxLength: 255 - type: object properties: $eq: type: string maxLength: 255 $contains: type: string maxLength: 255 $in: type: array items: type: string maxLength: 255 additionalProperties: false description: The name of the identity to filter by. role: anyOf: - type: string maxLength: 255 - type: object properties: $eq: type: string maxLength: 255 $contains: type: string maxLength: 255 $in: type: array items: type: string maxLength: 255 additionalProperties: false description: The role to filter by. Matches against the role name or slug for custom roles and the role type for predefined roles. $or: type: array items: type: object properties: name: anyOf: - type: string maxLength: 255 - type: object properties: $eq: type: string maxLength: 255 $contains: type: string maxLength: 255 $in: type: array items: type: string maxLength: 255 additionalProperties: false description: The name of the identity to filter by. role: anyOf: - type: string maxLength: 255 - type: object properties: $eq: type: string maxLength: 255 $contains: type: string maxLength: 255 $in: type: array items: type: string maxLength: 255 additionalProperties: false description: The role to filter by. Matches against the role name or slug for custom roles and the role type for predefined roles. additionalProperties: false description: The filters to apply when counting. maxItems: 5 additionalProperties: false description: The filters to apply when counting. additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: counts: type: object properties: organization: type: number project: type: number additionalProperties: false required: - counts additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/folders: post: operationId: createSecretFolder tags: - Folders description: Create folders requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project to create the folder in. environment: type: string description: The slug of the environment to create the folder in. name: type: string description: The name of the folder to create. path: type: string default: / description: The path of the folder to create. description: type: string nullable: true description: An optional description label for the folder. required: - projectId - environment - name additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: folder: type: object properties: id: type: string format: uuid name: type: string version: type: number default: 1 nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time envId: type: string format: uuid parentId: type: string format: uuid nullable: true isReserved: type: boolean default: false nullable: true description: type: string nullable: true lastSecretModified: type: string format: date-time nullable: true path: type: string required: - id - name - createdAt - updatedAt - envId - path additionalProperties: false required: - folder additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listSecretFolders tags: - Folders description: Get folders parameters: - schema: type: string in: query name: projectId required: true description: The ID of the project to list folders from. - schema: type: string in: query name: environment required: true description: The slug of the environment to list folders from. - schema: type: string format: date-time in: query name: lastSecretModified required: false description: The timestamp used to filter folders with secrets modified after the specified date. The format for this timestamp is ISO 8601 (e.g. 2025-04-01T09:41:45-04:00) - schema: type: string in: query name: path required: true description: The path to list folders from. - schema: anyOf: - type: boolean - type: string default: false in: query name: recursive required: false description: Whether or not to fetch all folders from the specified base path, and all of its subdirectories. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: folders: type: array items: type: object properties: id: type: string format: uuid name: type: string version: type: number default: 1 nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time envId: type: string format: uuid parentId: type: string format: uuid nullable: true isReserved: type: boolean default: false nullable: true description: type: string nullable: true lastSecretModified: type: string format: date-time nullable: true relativePath: type: string required: - id - name - createdAt - updatedAt - envId additionalProperties: false required: - folders additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/folders/{folderId}: patch: operationId: updateSecretFolder tags: - Folders description: Update folder requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project where the folder is located. environment: type: string description: The slug of the environment where the folder is located. name: type: string description: The new name of the folder. path: type: string default: / description: The path of the folder to update. description: type: string nullable: true description: An optional description label for the folder. required: - projectId - environment - name additionalProperties: false parameters: - schema: type: string in: path name: folderId required: true description: The ID of the folder to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: folder: type: object properties: id: type: string format: uuid name: type: string version: type: number default: 1 nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time envId: type: string format: uuid parentId: type: string format: uuid nullable: true isReserved: type: boolean default: false nullable: true description: type: string nullable: true lastSecretModified: type: string format: date-time nullable: true path: type: string required: - id - name - createdAt - updatedAt - envId - path additionalProperties: false required: - folder additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/folders/batch: patch: operationId: updateSecretFoldersBatch tags: - Folders description: Update folders by batch requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project where the folder is located. folders: type: array items: type: object properties: id: type: string description: The ID of the folder to update. environment: type: string description: The slug of the environment where the folder is located. name: type: string description: The new name of the folder. path: type: string default: / description: The path of the folder to update. description: type: string nullable: true description: An optional description label for the folder. required: - id - environment - name additionalProperties: false minItems: 1 required: - projectId - folders additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: folders: type: array items: type: object properties: id: type: string format: uuid name: type: string version: type: number default: 1 nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time envId: type: string format: uuid parentId: type: string format: uuid nullable: true isReserved: type: boolean default: false nullable: true description: type: string nullable: true lastSecretModified: type: string format: date-time nullable: true required: - id - name - createdAt - updatedAt - envId additionalProperties: false required: - folders additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/folders/{folderIdOrName}: delete: operationId: deleteSecretFolder tags: - Folders description: Delete a folder requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project to delete the folder from. environment: type: string description: The slug of the environment where the folder is located. path: type: string default: / description: The path of the folder to delete. forceDelete: type: boolean default: false description: Whether to force delete the folder even if it contains resources. required: - projectId - environment additionalProperties: false parameters: - schema: type: string in: path name: folderIdOrName required: true description: The ID or name of the folder to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: folder: type: object properties: id: type: string format: uuid name: type: string version: type: number default: 1 nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time envId: type: string format: uuid parentId: type: string format: uuid nullable: true isReserved: type: boolean default: false nullable: true description: type: string nullable: true lastSecretModified: type: string format: date-time nullable: true required: - id - name - createdAt - updatedAt - envId additionalProperties: false required: - folder additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/folders/{id}: get: operationId: getSecretFolderById tags: - Folders description: Get folder by id parameters: - schema: type: string in: path name: id required: true description: The ID of the folder to get details. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: folder: type: object properties: id: type: string format: uuid name: type: string version: type: number default: 1 nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time envId: type: string format: uuid parentId: type: string format: uuid nullable: true isReserved: type: boolean default: false nullable: true description: type: string nullable: true lastSecretModified: type: string format: date-time nullable: true environment: type: object properties: envId: type: string envName: type: string envSlug: type: string required: - envId - envName - envSlug additionalProperties: false path: type: string projectId: type: string required: - id - name - createdAt - updatedAt - envId - environment - path - projectId additionalProperties: false required: - folder additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-imports: post: operationId: createSecretImport tags: - Secret Imports description: Create secret imports requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project you are working in. environment: type: string description: The slug of the environment to import into. path: type: string default: / description: The path to import into. import: type: object properties: environment: type: string description: The slug of the environment to import from. path: type: string description: The path to import from. required: - environment - path additionalProperties: false isReplication: type: boolean default: false description: When true, secrets from the source will be automatically sent to the destination. If approval policies exist at the destination, the secrets will be sent as approval requests instead of being applied immediately. required: - projectId - environment - import additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string secretImport: type: object properties: id: type: string format: uuid version: type: number default: 1 nullable: true importPath: type: string position: type: number createdAt: type: string format: date-time updatedAt: type: string format: date-time folderId: type: string format: uuid isReplication: type: boolean default: false nullable: true isReplicationSuccess: type: boolean nullable: true replicationStatus: type: string nullable: true lastReplicated: type: string format: date-time nullable: true isReserved: type: boolean default: false nullable: true importEnv: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false required: - id - importPath - position - createdAt - updatedAt - folderId - importEnv additionalProperties: false required: - message - secretImport additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: listSecretImports tags: - Secret Imports description: Get secret imports parameters: - schema: type: string in: query name: projectId required: true description: The ID of the project to list secret imports from. - schema: type: string in: query name: environment required: true description: The slug of the environment to list secret imports from. - schema: type: string default: / in: query name: path required: false description: The path to list secret imports from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string secretImports: type: array items: type: object properties: id: type: string format: uuid version: type: number default: 1 nullable: true importPath: type: string position: type: number createdAt: type: string format: date-time updatedAt: type: string format: date-time folderId: type: string format: uuid isReplication: type: boolean default: false nullable: true isReplicationSuccess: type: boolean nullable: true replicationStatus: type: string nullable: true lastReplicated: type: string format: date-time nullable: true isReserved: type: boolean default: false nullable: true importEnv: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false required: - id - importPath - position - createdAt - updatedAt - folderId - importEnv additionalProperties: false required: - message - secretImports additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-imports/{secretImportId}: patch: operationId: updateSecretImport tags: - Secret Imports description: Update secret imports requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project where the secret import is located. environment: type: string description: The slug of the environment where the secret import is located. path: type: string default: / description: The path of the secret import to update. import: type: object properties: environment: type: string description: The new environment slug to import from. path: type: string description: The new path to import from. position: type: number description: The new position of the secret import. The lowest number will be displayed as the first import. additionalProperties: false required: - projectId - environment - import additionalProperties: false parameters: - schema: type: string in: path name: secretImportId required: true description: The ID of the secret import to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string secretImport: type: object properties: id: type: string format: uuid version: type: number default: 1 nullable: true importPath: type: string position: type: number createdAt: type: string format: date-time updatedAt: type: string format: date-time folderId: type: string format: uuid isReplication: type: boolean default: false nullable: true isReplicationSuccess: type: boolean nullable: true replicationStatus: type: string nullable: true lastReplicated: type: string format: date-time nullable: true isReserved: type: boolean default: false nullable: true importEnv: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false required: - id - importPath - position - createdAt - updatedAt - folderId - importEnv additionalProperties: false required: - message - secretImport additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteSecretImport tags: - Secret Imports description: Delete secret imports requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project to delete the secret import from. environment: type: string description: The slug of the environment where the secret import is located. path: type: string default: / description: The path of the secret import to delete. required: - projectId - environment additionalProperties: false parameters: - schema: type: string in: path name: secretImportId required: true description: The ID of the secret import to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string secretImport: type: object properties: id: type: string format: uuid version: type: number default: 1 nullable: true importPath: type: string position: type: number createdAt: type: string format: date-time updatedAt: type: string format: date-time folderId: type: string format: uuid isReplication: type: boolean default: false nullable: true isReplicationSuccess: type: boolean nullable: true replicationStatus: type: string nullable: true lastReplicated: type: string format: date-time nullable: true isReserved: type: boolean default: false nullable: true importEnv: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false required: - id - importPath - position - createdAt - updatedAt - folderId - importEnv additionalProperties: false required: - message - secretImport additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: operationId: getSecretImport tags: - Secret Imports description: Get single secret import parameters: - schema: type: string in: path name: secretImportId required: true description: The ID of the secret import to fetch. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: secretImport: type: object properties: id: type: string format: uuid version: type: number default: 1 nullable: true importPath: type: string position: type: number createdAt: type: string format: date-time updatedAt: type: string format: date-time folderId: type: string format: uuid isReplication: type: boolean default: false nullable: true isReplicationSuccess: type: boolean nullable: true replicationStatus: type: string nullable: true lastReplicated: type: string format: date-time nullable: true isReserved: type: boolean default: false nullable: true environment: type: object properties: id: type: string name: type: string slug: type: string required: - id - name - slug additionalProperties: false projectId: type: string importEnv: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false secretPath: type: string required: - id - importPath - position - createdAt - updatedAt - folderId - environment - projectId - importEnv - secretPath additionalProperties: false required: - secretImport additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/secret-imports/secrets: get: operationId: getRawSecretsFromImports tags: - Secret Imports parameters: - schema: type: string in: query name: projectId required: true - schema: type: string in: query name: environment required: true - schema: type: string default: / in: query name: path required: false responses: '200': description: Default Response content: application/json: schema: type: object properties: secrets: type: array items: type: object properties: secretPath: type: string environment: type: string environmentInfo: type: object properties: id: type: string name: type: string slug: type: string required: - id - name - slug additionalProperties: false folderId: type: string secrets: type: array items: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt additionalProperties: false required: - secretPath - environment - environmentInfo - secrets additionalProperties: false required: - secrets additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace: post: tags: - Projects description: Create a new project requestBody: required: true content: application/json: schema: type: object properties: projectName: type: string maxLength: 64 description: The name of the project to create. projectDescription: type: string maxLength: 1024 description: An optional description label for the project. slug: type: string minLength: 5 maxLength: 36 description: An optional slug for the project. kmsKeyId: type: string template: type: string minLength: 1 maxLength: 64 default: default description: The name of the project template, if specified, to apply to this project. type: type: string enum: - secret-manager - cert-manager - kms - ssh - secret-scanning - pam - ai default: secret-manager shouldCreateDefaultEnvs: type: boolean default: true hasDeleteProtection: type: boolean default: false required: - projectName additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: project: type: object properties: id: type: string name: type: string description: type: string nullable: true type: type: string defaultProduct: type: string nullable: true slug: type: string autoCapitalization: type: boolean default: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time version: type: number default: 1 upgradeStatus: type: string nullable: true pitVersionLimit: type: number default: 10 kmsCertificateKeyId: type: string format: uuid nullable: true auditLogsRetentionDays: type: number nullable: true hasDeleteProtection: type: boolean default: false nullable: true secretSharing: type: boolean default: true showSnapshotsLegacy: type: boolean default: false secretDetectionIgnoreValues: type: array items: type: string nullable: true enforceEncryptedSecretManagerSecretMetadata: type: boolean nullable: true _id: type: string environments: type: array items: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false kmsSecretManagerKeyId: type: string nullable: true required: - id - name - type - slug - orgId - createdAt - updatedAt - _id - environments additionalProperties: false required: - project additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{slug}: delete: tags: - Projects description: Delete project parameters: - schema: type: string minLength: 5 maxLength: 64 in: path name: slug required: true description: The slug of the project to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string name: type: string description: type: string nullable: true type: type: string defaultProduct: type: string nullable: true slug: type: string autoCapitalization: type: boolean default: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time version: type: number default: 1 upgradeStatus: type: string nullable: true pitVersionLimit: type: number default: 10 kmsCertificateKeyId: type: string format: uuid nullable: true auditLogsRetentionDays: type: number nullable: true hasDeleteProtection: type: boolean default: false nullable: true secretSharing: type: boolean default: true showSnapshotsLegacy: type: boolean default: false secretDetectionIgnoreValues: type: array items: type: string nullable: true enforceEncryptedSecretManagerSecretMetadata: type: boolean nullable: true required: - id - name - type - slug - orgId - createdAt - updatedAt additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: tags: - Projects description: Get project details by slug parameters: - schema: type: string minLength: 1 maxLength: 64 in: path name: slug required: true description: The slug of the project to get. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: id: type: string name: type: string description: type: string nullable: true type: type: string defaultProduct: type: string nullable: true slug: type: string autoCapitalization: type: boolean default: false nullable: true orgId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time version: type: number default: 1 upgradeStatus: type: string nullable: true pitVersionLimit: type: number default: 10 kmsCertificateKeyId: type: string format: uuid nullable: true auditLogsRetentionDays: type: number nullable: true hasDeleteProtection: type: boolean default: false nullable: true secretSharing: type: boolean default: true showSnapshotsLegacy: type: boolean default: false secretDetectionIgnoreValues: type: array items: type: string nullable: true enforceEncryptedSecretManagerSecretMetadata: type: boolean nullable: true _id: type: string environments: type: array items: type: object properties: name: type: string slug: type: string id: type: string required: - name - slug - id additionalProperties: false kmsSecretManagerKeyId: type: string nullable: true required: - id - name - type - slug - orgId - createdAt - updatedAt - _id - environments additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{slug}/cas: get: tags: - PKI Certificate Authorities parameters: - schema: type: string enum: - active - pending-certificate in: query name: status required: false description: The status of the CA to filter by. - schema: type: string in: query name: friendlyName required: false description: The friendly name of the CA to filter by. - schema: type: string in: query name: commonName required: false description: The common name of the CA to filter by. - schema: type: number minimum: 0 maximum: 100 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th CA. - schema: type: number minimum: 1 maximum: 100 default: 25 in: query name: limit required: false description: The number of CAs to return. - schema: type: string minLength: 5 maxLength: 64 in: path name: slug required: true description: The slug of the project to list CAs for. responses: '200': description: Default Response content: application/json: schema: type: object properties: cas: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string status: type: string enableDirectIssuance: type: boolean default: true name: type: string parentCaId: type: string format: uuid nullable: true type: type: string friendlyName: type: string organization: type: string ou: type: string country: type: string province: type: string locality: type: string commonName: type: string dn: type: string serialNumber: type: string nullable: true maxPathLength: type: number nullable: true keyAlgorithm: type: string activeCaCertId: type: string format: uuid nullable: true crlDistributionPointUrls: type: array items: type: string nullable: true disableManagedCrlDistributionPointUrl: type: boolean default: false requireTemplateForIssuance: type: boolean notAfter: type: string notBefore: type: string required: - id - createdAt - updatedAt - projectId - status - name - type - friendlyName - organization - ou - country - province - locality - commonName - dn - keyAlgorithm additionalProperties: false required: - cas additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/pki-alerts: get: tags: - PKI Alerting parameters: - schema: type: string in: path name: projectId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: alerts: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string pkiCollectionId: type: string format: uuid name: type: string alertBeforeDays: type: number recipientEmails: type: string required: - id - createdAt - updatedAt - projectId - pkiCollectionId - name - alertBeforeDays - recipientEmails additionalProperties: false required: - alerts additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/pki-collections: get: tags: - PKI Certificate Collections parameters: - schema: type: string in: path name: projectId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: collections: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time projectId: type: string name: type: string description: type: string required: - id - createdAt - updatedAt - projectId - name - description additionalProperties: false required: - collections additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/pki-subscribers: get: tags: - PKI Subscribers parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list PKI subscribers for. responses: '200': description: Default Response content: application/json: schema: type: object properties: subscribers: type: array items: type: object properties: id: type: string format: uuid projectId: type: string caId: type: string format: uuid nullable: true name: type: string commonName: type: string status: type: string subjectAlternativeNames: type: array items: type: string ttl: type: string nullable: true keyUsages: type: array items: type: string extendedKeyUsages: type: array items: type: string lastOperationStatus: type: string nullable: true lastOperationMessage: type: string nullable: true lastOperationAt: type: string format: date-time nullable: true enableAutoRenewal: type: boolean default: false autoRenewalPeriodInDays: type: number nullable: true lastAutoRenewAt: type: string format: date-time nullable: true properties: nullable: true supportsImmediateCertIssuance: type: boolean required: - id - projectId - name - commonName - status - subjectAlternativeNames - keyUsages - extendedKeyUsages additionalProperties: false required: - subscribers additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/certificate-templates: get: tags: - PKI Certificate Templates parameters: - schema: type: string in: path name: projectId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateTemplates: type: array items: type: object properties: id: type: string format: uuid caId: type: string format: uuid name: type: string commonName: type: string subjectAlternativeName: type: string pkiCollectionId: type: string format: uuid nullable: true ttl: type: string keyUsages: type: array items: type: string nullable: true extendedKeyUsages: type: array items: type: string nullable: true projectId: type: string caName: type: string required: - id - caId - name - commonName - subjectAlternativeName - ttl - projectId - caName additionalProperties: false required: - certificateTemplates additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/ssh-certificate-templates: get: tags: - SSH Certificate Templates parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list SSH certificate templates for. responses: '200': description: Default Response content: application/json: schema: type: object properties: certificateTemplates: type: array items: type: object properties: id: type: string format: uuid sshCaId: type: string format: uuid status: type: string name: type: string ttl: type: string maxTTL: type: string allowedUsers: type: array items: type: string allowedHosts: type: array items: type: string allowCustomKeyIds: type: boolean allowUserCertificates: type: boolean allowHostCertificates: type: boolean required: - id - sshCaId - status - name - ttl - maxTTL - allowedUsers - allowedHosts - allowCustomKeyIds - allowUserCertificates - allowHostCertificates additionalProperties: false required: - certificateTemplates additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/ssh-cas: get: tags: - SSH Certificate Authorities parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list SSH CAs for. responses: '200': description: Default Response content: application/json: schema: type: object properties: cas: type: array items: type: object properties: id: type: string format: uuid projectId: type: string friendlyName: type: string status: type: string keyAlgorithm: type: string keySource: type: string required: - id - projectId - friendlyName - status - keyAlgorithm - keySource additionalProperties: false required: - cas additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/ssh-hosts: get: tags: - SSH Hosts parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list SSH hosts for. responses: '200': description: Default Response content: application/json: schema: type: object properties: hosts: type: array items: type: object properties: id: type: string format: uuid projectId: type: string hostname: type: string alias: type: string nullable: true userCertTtl: type: string hostCertTtl: type: string userSshCaId: type: string format: uuid hostSshCaId: type: string format: uuid loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false source: type: string enum: - host - hostGroup required: - loginUser - allowedPrincipals - source additionalProperties: false required: - id - projectId - hostname - userCertTtl - hostCertTtl - userSshCaId - hostSshCaId - loginMappings additionalProperties: false required: - hosts additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/ssh-host-groups: get: tags: - SSH Host Groups parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list SSH host groups for. responses: '200': description: Default Response content: application/json: schema: type: object properties: groups: type: array items: type: object properties: id: type: string format: uuid projectId: type: string name: type: string loginMappings: type: array items: type: object properties: loginUser: type: string allowedPrincipals: type: object properties: usernames: type: array items: type: string groups: type: array items: type: string additionalProperties: false required: - loginUser - allowedPrincipals additionalProperties: false hostCount: type: number required: - id - projectId - name - loginMappings - hostCount additionalProperties: false required: - groups additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/identity-memberships/{identityId}: post: tags: - Project Identities description: Create project identity membership requestBody: required: true content: application/json: schema: type: object properties: role: type: string default: no-access roles: type: array items: anyOf: - type: object properties: role: type: string description: The role slug to assign to the newly created identity project membership. isTemporary: type: boolean enum: - false default: false description: The role slug to assign to the newly created identity project membership. required: - role additionalProperties: false - type: object properties: role: type: string description: The role slug to assign to the newly created identity project membership. isTemporary: type: boolean enum: - true description: The role slug to assign to the newly created identity project membership. temporaryMode: type: string enum: - relative description: The role slug to assign to the newly created identity project membership. temporaryRange: type: string description: The role slug to assign to the newly created identity project membership. temporaryAccessStartTime: type: string format: date-time description: The role slug to assign to the newly created identity project membership. required: - role - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false description: A list of role slugs to assign to the newly created identity project membership. additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true - schema: type: string in: path name: identityId required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityMembership: type: object properties: id: type: string format: uuid projectId: type: string identityId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - identityId - createdAt - updatedAt additionalProperties: false required: - identityMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - Project Identities description: Update project identity memberships requestBody: required: true content: application/json: schema: type: object properties: roles: type: array items: anyOf: - type: object properties: role: type: string description: The role slug to assign to the newly created identity project membership. isTemporary: type: boolean enum: - false default: false description: Whether the assigned role is temporary. If isTemporary is set true, must provide temporaryMode, temporaryRange and temporaryAccessStartTime. required: - role additionalProperties: false - type: object properties: role: type: string description: The role slug to assign to the newly created identity project membership. isTemporary: type: boolean enum: - true description: Whether the assigned role is temporary. If isTemporary is set true, must provide temporaryMode, temporaryRange and temporaryAccessStartTime. temporaryMode: type: string enum: - relative description: Type of temporary expiry. temporaryRange: type: string description: Expiry time for temporary access. In relative mode it could be 1s, 2m ,3h, etc. temporaryAccessStartTime: type: string format: date-time description: Time to which the temporary access starts. required: - role - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false minItems: 1 description: A list of role slugs to assign to the identity project membership. required: - roles additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to update the identity membership for. - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to update the membership for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: roles: type: array items: type: object properties: id: type: string format: uuid role: type: string projectMembershipId: type: string format: uuid customRoleId: type: string format: uuid nullable: true isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - role - projectMembershipId - createdAt - updatedAt additionalProperties: false required: - roles additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - Project Identities description: Delete project identity memberships parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to delete the identity membership from. - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to delete the membership from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityMembership: type: object properties: id: type: string format: uuid projectId: type: string identityId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - identityId - createdAt - updatedAt additionalProperties: false required: - identityMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: tags: - Project Identities description: Return project identity membership parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to get the identity membership for. - schema: type: string in: path name: identityId required: true description: The ID of the machine identity to get the membership for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityMembership: type: object properties: id: type: string identityId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false identity: type: object properties: name: type: string id: type: string format: uuid authMethods: type: array items: type: string required: - name - id - authMethods additionalProperties: false project: type: object properties: name: type: string id: type: string required: - name - id additionalProperties: false required: - id - identityId - createdAt - updatedAt - roles - identity - project additionalProperties: false required: - identityMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/identity-memberships: get: tags: - Project Identities description: Return project identity memberships parameters: - schema: type: number minimum: 0 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th identity membership. - schema: type: number minimum: 1 maximum: 20000 default: 100 in: query name: limit required: false description: The number of identity memberships to return. - schema: type: string enum: - name default: name in: query name: orderBy required: false description: The column to order identity memberships by. - schema: type: string enum: - asc - desc default: asc in: query name: orderDirection required: false description: The direction identity memberships will be sorted in. - schema: type: string in: query name: search required: false description: The text string that identity membership names will be filtered by. - schema: type: string in: path name: projectId required: true description: The ID of the project to get identity memberships from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: identityMemberships: type: array items: type: object properties: id: type: string identityId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false identity: type: object properties: name: type: string id: type: string format: uuid authMethods: type: array items: type: string required: - name - id - authMethods additionalProperties: false project: type: object properties: name: type: string id: type: string required: - name - id additionalProperties: false required: - id - identityId - createdAt - updatedAt - roles - identity - project additionalProperties: false totalCount: type: number required: - identityMemberships - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/identity-memberships/{identityMembershipId}: get: tags: - Project Identities parameters: - schema: type: string in: path name: identityMembershipId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: identityMembership: type: object properties: id: type: string identityId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false identity: type: object properties: name: type: string id: type: string format: uuid authMethods: type: array items: type: string required: - name - id - authMethods additionalProperties: false project: type: object properties: name: type: string id: type: string required: - name - id additionalProperties: false required: - id - identityId - createdAt - updatedAt - roles - identity - project additionalProperties: false required: - identityMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/groups/{groupIdOrName}: post: tags: - Project Groups description: Add group to project requestBody: required: true content: application/json: schema: type: object properties: role: type: string minLength: 1 default: no-access description: The role for the group to assume in the project. roles: type: array items: anyOf: - type: object properties: role: type: string isTemporary: type: boolean enum: - false default: false required: - role additionalProperties: false - type: object properties: role: type: string isTemporary: type: boolean enum: - true temporaryMode: type: string enum: - relative temporaryRange: type: string temporaryAccessStartTime: type: string format: date-time required: - role - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to add the group to. - schema: type: string in: path name: groupIdOrName required: true description: The ID or name of the group to add to the project. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMembership: type: object properties: id: type: string format: uuid projectId: type: string groupId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - groupId - createdAt - updatedAt additionalProperties: false required: - groupMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/groups/{groupId}: patch: tags: - Project Groups description: Update group in project requestBody: required: true content: application/json: schema: type: object properties: roles: type: array items: anyOf: - type: object properties: role: type: string isTemporary: type: boolean enum: - false default: false required: - role additionalProperties: false - type: object properties: role: type: string isTemporary: type: boolean enum: - true temporaryMode: type: string enum: - relative temporaryRange: type: string temporaryAccessStartTime: type: string format: date-time required: - role - isTemporary - temporaryMode - temporaryRange - temporaryAccessStartTime additionalProperties: false minItems: 1 description: A list of roles to update the group to. required: - roles additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to update the group in. - schema: type: string in: path name: groupId required: true description: The ID of the group to update in the project. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: roles: type: array items: type: object properties: id: type: string format: uuid role: type: string projectMembershipId: type: string format: uuid customRoleId: type: string format: uuid nullable: true isTemporary: type: boolean default: false temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - role - projectMembershipId - createdAt - updatedAt additionalProperties: false required: - roles additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - Project Groups description: Remove group from project parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to delete the group from. - schema: type: string in: path name: groupId required: true description: The ID of the group to delete from the project. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMembership: type: object properties: id: type: string format: uuid projectId: type: string groupId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - projectId - groupId - createdAt - updatedAt additionalProperties: false required: - groupMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false get: tags: - Project Groups description: Return project group parameters: - schema: type: string in: path name: projectId required: true - schema: type: string in: path name: groupId required: true security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMembership: type: object properties: id: type: string groupId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false group: type: object properties: name: type: string id: type: string format: uuid slug: type: string required: - name - id - slug additionalProperties: false required: - id - groupId - createdAt - updatedAt - roles - group additionalProperties: false required: - groupMembership additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/groups: get: tags: - Project Groups description: Return list of groups in project parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to list groups for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: groupMemberships: type: array items: type: object properties: id: type: string groupId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time roles: type: array items: type: object properties: id: type: string role: type: string customRoleId: type: string nullable: true customRoleName: type: string nullable: true customRoleSlug: type: string nullable: true isTemporary: type: boolean temporaryMode: type: string nullable: true temporaryRange: type: string nullable: true temporaryAccessStartTime: type: string format: date-time nullable: true temporaryAccessEndTime: type: string format: date-time nullable: true required: - id - role - isTemporary additionalProperties: false group: type: object properties: name: type: string id: type: string format: uuid slug: type: string required: - name - id - slug additionalProperties: false required: - id - groupId - createdAt - updatedAt - roles - group additionalProperties: false required: - groupMemberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/groups/{groupId}/users: get: tags: - Project Groups description: Return project group users parameters: - schema: type: number minimum: 0 maximum: 100 default: 0 in: query name: offset required: false description: The offset to start from. If you enter 10, it will start from the 10th user. - schema: type: number minimum: 1 maximum: 100 default: 10 in: query name: limit required: false description: The number of users to return. - schema: type: string in: query name: username required: false description: The username to search for. - schema: type: string in: query name: search required: false description: The text string that user email or name will be filtered by. - schema: type: string enum: - existingMembers - nonMembers in: query name: filter required: false description: Whether to filter the list of returned users. 'existingMembers' will only return existing users in the group, 'nonMembers' will only return users not in the group, undefined will return all users in the organization. - schema: type: string in: path name: projectId required: true description: The ID of the project the group belongs to. - schema: type: string in: path name: groupId required: true description: The ID of the group to list users for. responses: '200': description: Default Response content: application/json: schema: type: object properties: users: type: array items: type: object properties: email: type: string nullable: true username: type: string firstName: type: string nullable: true lastName: type: string nullable: true id: type: string format: uuid isPartOfGroup: type: boolean joinedGroupAt: type: string format: date-time nullable: true required: - username - id - isPartOfGroup - joinedGroupAt additionalProperties: false totalCount: type: number required: - users - totalCount additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v2/workspace/{projectId}/memberships: post: tags: - Project Users description: Invite members to project requestBody: required: true content: application/json: schema: type: object properties: emails: type: array items: type: string format: email default: [] description: A list of organization member emails to invite to the project. usernames: type: array items: type: string default: [] description: A list of usernames to invite to the project. roleSlugs: type: array items: type: string minItems: 1 description: A list of role slugs to assign to the newly created project membership. If nothing is provided, it will default to the Member role. additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to invite the member to. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time userId: type: string format: uuid projectId: type: string required: - id - createdAt - updatedAt - userId - projectId additionalProperties: false required: - memberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - Project Users description: Remove members from project requestBody: required: true content: application/json: schema: type: object properties: emails: type: array items: type: string format: email default: [] description: A list of organization member emails to remove from the project. usernames: type: array items: type: string default: [] description: A list of usernames to remove from the project. additionalProperties: false parameters: - schema: type: string in: path name: projectId required: true description: The ID of the project to remove the member from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: memberships: type: array items: type: object properties: id: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time userId: type: string format: uuid projectId: type: string required: - id - createdAt - updatedAt - userId - projectId additionalProperties: false required: - memberships additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v3/secrets/tags/{secretName}: post: tags: - Secrets description: Attach tags to a secret requestBody: required: true content: application/json: schema: type: object properties: projectSlug: type: string description: The slug of the project where the secret is located. environment: type: string description: The slug of the environment where the secret is located secretPath: type: string default: / description: The path of the secret to attach tags to. type: type: string enum: - shared - personal default: shared description: The type of the secret to attach tags to. (shared/personal) tagSlugs: type: array items: type: string minItems: 1 description: An array of existing tag slugs to attach to the secret. required: - projectSlug - environment - tagSlugs additionalProperties: false parameters: - schema: type: string minLength: 1 in: path name: secretName required: true description: The name of the secret to attach tags to. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: secret: type: object properties: id: type: string format: uuid version: type: number default: 1 type: type: string default: shared secretKeyCiphertext: type: string secretKeyIV: type: string secretKeyTag: type: string secretValueCiphertext: type: string secretValueIV: type: string secretValueTag: type: string secretCommentCiphertext: type: string nullable: true secretCommentIV: type: string nullable: true secretCommentTag: type: string nullable: true secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true algorithm: type: string default: aes-256-gcm keyEncoding: type: string default: utf8 metadata: nullable: true userId: type: string format: uuid nullable: true folderId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time tags: type: array items: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true name: type: string required: - id - slug - name additionalProperties: false required: - id - secretKeyCiphertext - secretKeyIV - secretKeyTag - secretValueCiphertext - secretValueIV - secretValueTag - folderId - createdAt - updatedAt - tags additionalProperties: false required: - secret additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - Secrets description: Detach tags from a secret requestBody: required: true content: application/json: schema: type: object properties: projectSlug: type: string description: The slug of the project where the secret is located. environment: type: string description: The slug of the environment where the secret is located. secretPath: type: string default: / description: The path of the secret to detach tags from. type: type: string enum: - shared - personal default: shared description: The type of the secret to attach tags to. (shared/personal) tagSlugs: type: array items: type: string minItems: 1 description: An array of existing tag slugs to detach from the secret. required: - projectSlug - environment - tagSlugs additionalProperties: false parameters: - schema: type: string in: path name: secretName required: true description: The name of the secret to detach tags from. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: secret: type: object properties: id: type: string format: uuid version: type: number default: 1 type: type: string default: shared secretKeyCiphertext: type: string secretKeyIV: type: string secretKeyTag: type: string secretValueCiphertext: type: string secretValueIV: type: string secretValueTag: type: string secretCommentCiphertext: type: string nullable: true secretCommentIV: type: string nullable: true secretCommentTag: type: string nullable: true secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true algorithm: type: string default: aes-256-gcm keyEncoding: type: string default: utf8 metadata: nullable: true userId: type: string format: uuid nullable: true folderId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time tags: type: array items: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true name: type: string required: - id - slug - name additionalProperties: false required: - id - secretKeyCiphertext - secretKeyIV - secretKeyTag - secretValueCiphertext - secretValueIV - secretValueTag - folderId - createdAt - updatedAt - tags additionalProperties: false required: - secret additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v3/secrets/raw: get: tags: - Secrets description: List secrets parameters: - schema: type: string in: query name: metadataFilter required: false description: Unencrypted secret metadata key-value pairs used to filter secrets. Only metadata with unencrypted values is supported. When querying for multiple metadata pairs, the query is treated as an AND operation. Secret metadata format is key=value1,value=value2|key=value3,value=value4. - schema: type: string in: query name: workspaceId required: false description: The ID of the project to list secrets from. - schema: type: string in: query name: workspaceSlug required: false description: The slug of the project to list secrets from. This parameter is only applicable by machine identities. - schema: type: string in: query name: environment required: false description: The slug of the environment to list secrets from. - schema: type: string default: / in: query name: secretPath required: false description: The secret path to list secrets from. - schema: type: string enum: - 'true' - 'false' default: 'true' in: query name: viewSecretValue required: false description: Whether or not to retrieve the secret value. - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: expandSecretReferences required: false description: Whether or not to expand secret references. - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: recursive required: false description: Whether or not to fetch all secrets from the specified base path, and all of its subdirectories. Note, the max depth is 20 deep. - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: include_imports required: false description: Weather to include imported secrets or not. - schema: type: string in: query name: tagSlugs required: false description: The comma separated tag slugs to filter secrets. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: secrets: type: array items: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true secretPath: type: string secretValueHidden: type: boolean secretMetadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' isEncrypted: type: boolean default: false required: - key additionalProperties: false tags: type: array items: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true name: type: string required: - id - slug - name additionalProperties: false required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt - secretValueHidden additionalProperties: false imports: type: array items: type: object properties: secretPath: type: string environment: type: string folderId: type: string secrets: type: array items: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true secretValueHidden: type: boolean secretMetadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' isEncrypted: type: boolean default: false required: - key additionalProperties: false required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - secretValueHidden additionalProperties: false required: - secretPath - environment - secrets additionalProperties: false required: - secrets additionalProperties: false '304': description: Default Response content: application/json: schema: {} '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v3/secrets/raw/id/{secretId}: get: tags: - Secrets parameters: - schema: type: string in: path name: secretId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: secret: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true secretPath: type: string tags: type: array items: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true name: type: string required: - id - slug - name additionalProperties: false secretMetadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' isEncrypted: type: boolean default: false required: - key additionalProperties: false required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt - secretPath additionalProperties: false required: - secret additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v3/secrets/raw/{secretName}: get: tags: - Secrets description: Get a secret by name parameters: - schema: type: string in: query name: workspaceId required: false description: The ID of the project to get the secret from. - schema: type: string in: query name: workspaceSlug required: false description: The slug of the project to get the secret from. - schema: type: string in: query name: environment required: false description: The slug of the environment to get the secret from. - schema: type: string default: / in: query name: secretPath required: false description: The path of the secret to get. - schema: type: number in: query name: version required: false description: The version of the secret to get. - schema: type: string enum: - shared - personal default: shared in: query name: type required: false description: The type of the secret to get. - schema: type: string enum: - 'true' - 'false' default: 'true' in: query name: viewSecretValue required: false description: Whether or not to retrieve the secret value. - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: expandSecretReferences required: false description: Whether or not to expand secret references. - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: include_imports required: false description: Weather to include imported secrets or not. - schema: type: string in: path name: secretName required: true description: The name of the secret to get. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: secret: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true secretValueHidden: type: boolean secretPath: type: string tags: type: array items: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true name: type: string required: - id - slug - name additionalProperties: false secretMetadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' isEncrypted: type: boolean default: false required: - key additionalProperties: false required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt - secretValueHidden - secretPath additionalProperties: false required: - secret additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: tags: - Secrets description: Create secret requestBody: required: true content: application/json: schema: type: object properties: workspaceId: type: string description: The ID of the project to create the secret in. projectSlug: type: string description: The slug of the project to create the secret in. environment: type: string description: The slug of the environment to create the secret in. secretPath: type: string default: / description: The path to create the secret in. secretValue: type: string description: The value of the secret to create. secretComment: type: string default: '' description: Attach a comment to the secret. secretMetadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' isEncrypted: type: boolean default: false required: - key additionalProperties: false tagIds: type: array items: type: string description: The ID of the tags to be attached to the created secret. skipMultilineEncoding: type: boolean nullable: true description: Skip multiline encoding for the secret value. type: type: string enum: - shared - personal default: shared description: The type of the secret to create. secretReminderRepeatDays: type: number nullable: true description: Interval for secret rotation notifications, measured in days. secretReminderNote: type: string maxLength: 1024 nullable: true description: Note to be attached in notification email. required: - environment - secretValue additionalProperties: false parameters: - schema: type: string minLength: 1 in: path name: secretName required: true description: The name of the secret to create. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: anyOf: - type: object properties: secret: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt additionalProperties: false required: - secret additionalProperties: false - type: object properties: approval: type: object properties: id: type: string format: uuid policyId: type: string format: uuid hasMerged: type: boolean default: false status: type: string default: open conflicts: nullable: true slug: type: string folderId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isReplicated: type: boolean nullable: true committerUserId: type: string format: uuid nullable: true statusChangedByUserId: type: string format: uuid nullable: true bypassReason: type: string nullable: true required: - id - policyId - slug - folderId - createdAt - updatedAt additionalProperties: false required: - approval additionalProperties: false description: When secret protection policy is enabled '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - Secrets description: Update secret requestBody: required: true content: application/json: schema: type: object properties: workspaceId: type: string description: The ID of the project to update the secret in. projectSlug: type: string description: The slug of the project to update the secret in. environment: type: string description: The slug of the environment where the secret is located. secretValue: type: string description: The new value of the secret. secretPath: type: string default: / description: The default path for secrets to update or upsert, if not provided in the secret details. skipMultilineEncoding: type: boolean description: Skip multiline encoding for the secret value. type: type: string enum: - shared - personal default: shared description: The type of the secret to update. tagIds: type: array items: type: string description: The ID of the tags to be attached to the updated secret. metadata: type: object additionalProperties: type: string secretMetadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' isEncrypted: type: boolean default: false required: - key additionalProperties: false secretReminderNote: type: string maxLength: 1024 nullable: true description: Note to be attached in notification email. secretReminderRepeatDays: type: number nullable: true description: Interval for secret rotation notifications, measured in days. secretReminderRecipients: type: array items: type: string description: An array of user IDs that will receive the reminder email. If not specified, all project members will receive the reminder email. newSecretName: type: string minLength: 1 description: The new name for the secret. secretComment: type: string description: Update comment to the secret. required: - environment additionalProperties: false parameters: - schema: type: string minLength: 1 in: path name: secretName required: true description: The name of the secret to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: anyOf: - type: object properties: secret: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true secretValueHidden: type: boolean required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt - secretValueHidden additionalProperties: false required: - secret additionalProperties: false - type: object properties: approval: type: object properties: id: type: string format: uuid policyId: type: string format: uuid hasMerged: type: boolean default: false status: type: string default: open conflicts: nullable: true slug: type: string folderId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isReplicated: type: boolean nullable: true committerUserId: type: string format: uuid nullable: true statusChangedByUserId: type: string format: uuid nullable: true bypassReason: type: string nullable: true required: - id - policyId - slug - folderId - createdAt - updatedAt additionalProperties: false required: - approval additionalProperties: false description: When secret protection policy is enabled '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - Secrets description: Delete secret requestBody: required: true content: application/json: schema: type: object properties: workspaceId: type: string description: The ID of the project where the secret is located. projectSlug: type: string description: The slug of the project to delete the secret in. environment: type: string description: The slug of the environment where the secret is located. secretPath: type: string default: / description: The path of the secret. type: type: string enum: - shared - personal default: shared description: The type of the secret to delete. required: - environment additionalProperties: false parameters: - schema: type: string minLength: 1 in: path name: secretName required: true description: The name of the secret to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: anyOf: - type: object properties: secret: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true secretValueHidden: type: boolean required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt - secretValueHidden additionalProperties: false required: - secret additionalProperties: false - type: object properties: approval: type: object properties: id: type: string format: uuid policyId: type: string format: uuid hasMerged: type: boolean default: false status: type: string default: open conflicts: nullable: true slug: type: string folderId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isReplicated: type: boolean nullable: true committerUserId: type: string format: uuid nullable: true statusChangedByUserId: type: string format: uuid nullable: true bypassReason: type: string nullable: true required: - id - policyId - slug - folderId - createdAt - updatedAt additionalProperties: false required: - approval additionalProperties: false description: When secret protection policy is enabled '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v3/secrets/move: post: tags: - Secrets requestBody: required: true content: application/json: schema: type: object properties: projectSlug: type: string sourceEnvironment: type: string sourceSecretPath: type: string default: / destinationEnvironment: type: string destinationSecretPath: type: string default: / secretIds: type: array items: type: string shouldOverwrite: type: boolean default: false required: - projectSlug - sourceEnvironment - destinationEnvironment - secretIds additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: isSourceUpdated: type: boolean isDestinationUpdated: type: boolean required: - isSourceUpdated - isDestinationUpdated additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v3/secrets/batch/raw: post: tags: - Secrets description: Create many secrets requestBody: required: true content: application/json: schema: type: object properties: projectSlug: type: string description: The slug of the project to update the secret in. workspaceId: type: string description: The ID of the project to update the secret in. environment: type: string description: The slug of the environment to create the secret in. secretPath: type: string default: / description: The path to create the secret in. secrets: type: array items: type: object properties: secretKey: type: string minLength: 1 description: The name of the secret to create. secretValue: type: string description: The value of the secret to create. secretComment: type: string default: '' description: Attach a comment to the secret. skipMultilineEncoding: type: boolean nullable: true description: Skip multiline encoding for the secret value. metadata: type: object additionalProperties: type: string secretMetadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' isEncrypted: type: boolean default: false required: - key additionalProperties: false tagIds: type: array items: type: string description: The ID of the tags to be attached to the created secret. required: - secretKey - secretValue additionalProperties: false minItems: 1 required: - environment - secrets additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: anyOf: - type: object properties: secrets: type: array items: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt additionalProperties: false required: - secrets additionalProperties: false - type: object properties: approval: type: object properties: id: type: string format: uuid policyId: type: string format: uuid hasMerged: type: boolean default: false status: type: string default: open conflicts: nullable: true slug: type: string folderId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isReplicated: type: boolean nullable: true committerUserId: type: string format: uuid nullable: true statusChangedByUserId: type: string format: uuid nullable: true bypassReason: type: string nullable: true required: - id - policyId - slug - folderId - createdAt - updatedAt additionalProperties: false required: - approval additionalProperties: false description: When secret protection policy is enabled '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: tags: - Secrets description: Update many secrets requestBody: required: true content: application/json: schema: type: object properties: projectSlug: type: string description: The slug of the project to delete the secret in. workspaceId: type: string description: The ID of the project where the secret is located. environment: type: string description: The slug of the environment where the secret is located. secretPath: type: string default: / description: The default path for secrets to update or upsert, if not provided in the secret details. mode: type: string enum: - ignore - upsert - failOnNotFound default: failOnNotFound description: Defines how the system should handle missing secrets during an update. secrets: type: array items: type: object properties: secretKey: type: string minLength: 1 description: The name of the secret to update. secretValue: type: string description: The new value of the secret. secretPath: type: string description: The default path for secrets to update or upsert, if not provided in the secret details. secretComment: type: string description: Update comment to the secret. skipMultilineEncoding: type: boolean description: Skip multiline encoding for the secret value. newSecretName: type: string minLength: 1 description: The new name for the secret. tagIds: type: array items: type: string description: The ID of the tags to be attached to the updated secret. secretReminderNote: type: string maxLength: 1024 nullable: true description: Note to be attached in notification email. secretMetadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' isEncrypted: type: boolean default: false required: - key additionalProperties: false secretReminderRepeatDays: type: number nullable: true description: Interval for secret rotation notifications, measured in days. required: - secretKey additionalProperties: false minItems: 1 required: - environment - secrets additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: anyOf: - type: object properties: secrets: type: array items: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true secretValueHidden: type: boolean required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt - secretValueHidden additionalProperties: false required: - secrets additionalProperties: false - type: object properties: approval: type: object properties: id: type: string format: uuid policyId: type: string format: uuid hasMerged: type: boolean default: false status: type: string default: open conflicts: nullable: true slug: type: string folderId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isReplicated: type: boolean nullable: true committerUserId: type: string format: uuid nullable: true statusChangedByUserId: type: string format: uuid nullable: true bypassReason: type: string nullable: true required: - id - policyId - slug - folderId - createdAt - updatedAt additionalProperties: false required: - approval additionalProperties: false description: When secret protection policy is enabled '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: tags: - Secrets description: Delete many secrets requestBody: required: true content: application/json: schema: type: object properties: projectSlug: type: string description: The slug of the project to delete the secret in. workspaceId: type: string description: The ID of the project where the secret is located. environment: type: string description: The slug of the environment where the secret is located. secretPath: type: string default: / description: The path of the secret. secrets: type: array items: type: object properties: secretKey: type: string description: The name of the secret to delete. type: type: string enum: - shared - personal default: shared required: - secretKey additionalProperties: false minItems: 1 required: - environment - secrets additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: anyOf: - type: object properties: secrets: type: array items: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true secretValueHidden: type: boolean required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt - secretValueHidden additionalProperties: false required: - secrets additionalProperties: false - type: object properties: approval: type: object properties: id: type: string format: uuid policyId: type: string format: uuid hasMerged: type: boolean default: false status: type: string default: open conflicts: nullable: true slug: type: string folderId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isReplicated: type: boolean nullable: true committerUserId: type: string format: uuid nullable: true statusChangedByUserId: type: string format: uuid nullable: true bypassReason: type: string nullable: true required: - id - policyId - slug - folderId - createdAt - updatedAt additionalProperties: false required: - approval additionalProperties: false description: When secret protection policy is enabled '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v3/pki/certificates/{certificateId}/renew: post: tags: - PKI Certificates requestBody: required: true content: application/json: schema: anyOf: - not: {} - type: object properties: removeRootsFromChain: anyOf: - type: boolean - type: string default: false additionalProperties: false parameters: - schema: type: string format: uuid in: path name: certificateId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: certificate: type: string issuingCaCertificate: type: string certificateChain: type: string privateKey: type: string serialNumber: type: string certificateId: type: string certificateRequestId: type: string required: - certificate - issuingCaCertificate - certificateChain - serialNumber - certificateId - certificateRequestId additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v3/pki/certificates/{certificateId}/config: patch: tags: - PKI Certificates requestBody: required: true content: application/json: schema: type: object properties: renewBeforeDays: type: integer minimum: 1 maximum: 30 enableAutoRenewal: type: boolean additionalProperties: false parameters: - schema: type: string format: uuid in: path name: certificateId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: message: type: string renewBeforeDays: type: number required: - message additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v4/secrets: get: operationId: listSecretsV4 tags: - Secrets description: List secrets parameters: - schema: type: string in: query name: metadataFilter required: false description: Unencrypted secret metadata key-value pairs used to filter secrets. Only metadata with unencrypted values is supported. When querying for multiple metadata pairs, the query is treated as an AND operation. Secret metadata format is key=value1,value=value2|key=value3,value=value4. - schema: type: string in: query name: projectId required: false description: The ID of the project to list secrets from. - schema: type: string in: query name: environment required: false description: The slug of the environment to list secrets from. - schema: type: string default: / in: query name: secretPath required: false description: The secret path to list secrets from. - schema: type: string enum: - 'true' - 'false' default: 'true' in: query name: viewSecretValue required: false description: Whether or not to retrieve the secret value. - schema: type: string enum: - 'true' - 'false' default: 'true' in: query name: expandSecretReferences required: false description: Whether or not to expand secret references. - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: recursive required: false description: Whether or not to fetch all secrets from the specified base path, and all of its subdirectories. Note, the max depth is 20 deep. - schema: type: string enum: - 'true' - 'false' default: 'false' in: query name: includePersonalOverrides required: false description: Whether or not to include personal secrets in the response. When enabled, personal secrets will be included in the response. Shared secrets will still be included, but personal secrets will take priority, and the corresponding shared secrets will be replaced with the personal secrets. - schema: type: string enum: - 'true' - 'false' default: 'true' in: query name: includeImports required: false description: Weather to include imported secrets or not. - schema: type: string in: query name: tagSlugs required: false description: The comma separated tag slugs to filter secrets. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: secrets: type: array items: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true secretPath: type: string secretValueHidden: type: boolean secretMetadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' isEncrypted: type: boolean default: false required: - key additionalProperties: false tags: type: array items: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true name: type: string required: - id - slug - name additionalProperties: false required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt - secretValueHidden additionalProperties: false imports: type: array items: type: object properties: secretPath: type: string environment: type: string folderId: type: string secrets: type: array items: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true secretValueHidden: type: boolean secretMetadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' isEncrypted: type: boolean default: false required: - key additionalProperties: false required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - secretValueHidden additionalProperties: false required: - secretPath - environment - secrets additionalProperties: false required: - secrets additionalProperties: false '304': description: Default Response content: application/json: schema: {} '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v4/secrets/id/{secretId}: get: operationId: getSecretByIdV4 tags: - Secrets parameters: - schema: type: string in: path name: secretId required: true responses: '200': description: Default Response content: application/json: schema: type: object properties: secret: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true secretPath: type: string tags: type: array items: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true name: type: string required: - id - slug - name additionalProperties: false secretMetadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' isEncrypted: type: boolean default: false required: - key additionalProperties: false required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt - secretPath additionalProperties: false required: - secret additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v4/secrets/{secretName}: get: operationId: getSecretByNameV4 tags: - Secrets description: Get a secret by name parameters: - schema: type: string in: query name: projectId required: true description: The ID of the project to get the secret from. - schema: type: string in: query name: environment required: false description: The slug of the environment to get the secret from. - schema: type: string default: / in: query name: secretPath required: false description: The path of the secret to get. - schema: type: number in: query name: version required: false description: The version of the secret to get. - schema: type: string enum: - shared - personal default: shared in: query name: type required: false description: The type of the secret to get. - schema: type: string enum: - 'true' - 'false' default: 'true' in: query name: viewSecretValue required: false description: Whether or not to retrieve the secret value. - schema: type: string enum: - 'true' - 'false' default: 'true' in: query name: expandSecretReferences required: false description: Whether or not to expand secret references. - schema: type: string enum: - 'true' - 'false' default: 'true' in: query name: includeImports required: false description: Weather to include imported secrets or not. - schema: type: string in: path name: secretName required: true description: The name of the secret to get. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: secret: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true secretValueHidden: type: boolean secretPath: type: string tags: type: array items: type: object properties: id: type: string format: uuid slug: type: string color: type: string nullable: true name: type: string required: - id - slug - name additionalProperties: false secretMetadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' isEncrypted: type: boolean default: false required: - key additionalProperties: false required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt - secretValueHidden - secretPath additionalProperties: false required: - secret additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false post: operationId: createSecretV4 tags: - Secrets description: Create secret requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project to create the secret in. environment: type: string description: The slug of the environment to create the secret in. secretPath: type: string default: / description: The path to create the secret in. secretValue: type: string description: The value of the secret to create. secretComment: type: string default: '' description: Attach a comment to the secret. secretMetadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' isEncrypted: type: boolean default: false required: - key additionalProperties: false tagIds: type: array items: type: string description: The ID of the tags to be attached to the created secret. skipMultilineEncoding: type: boolean nullable: true description: Skip multiline encoding for the secret value. type: type: string enum: - shared - personal default: shared description: The type of the secret to create. secretReminderRepeatDays: type: number nullable: true description: Interval for secret rotation notifications, measured in days. secretReminderNote: type: string maxLength: 1024 nullable: true description: Note to be attached in notification email. required: - projectId - environment - secretValue additionalProperties: false parameters: - schema: type: string minLength: 1 in: path name: secretName required: true description: The name of the secret to create. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: anyOf: - type: object properties: secret: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt additionalProperties: false required: - secret additionalProperties: false - type: object properties: approval: type: object properties: id: type: string format: uuid policyId: type: string format: uuid hasMerged: type: boolean default: false status: type: string default: open conflicts: nullable: true slug: type: string folderId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isReplicated: type: boolean nullable: true committerUserId: type: string format: uuid nullable: true statusChangedByUserId: type: string format: uuid nullable: true bypassReason: type: string nullable: true required: - id - policyId - slug - folderId - createdAt - updatedAt additionalProperties: false required: - approval additionalProperties: false description: When secret protection policy is enabled '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateSecretV4 tags: - Secrets description: Update secret requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project to update the secret in. environment: type: string description: The slug of the environment where the secret is located. secretValue: type: string description: The new value of the secret. secretPath: type: string default: / description: The default path for secrets to update or upsert, if not provided in the secret details. skipMultilineEncoding: type: boolean description: Skip multiline encoding for the secret value. type: type: string enum: - shared - personal default: shared description: The type of the secret to update. tagIds: type: array items: type: string description: The ID of the tags to be attached to the updated secret. metadata: type: object additionalProperties: type: string secretMetadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' isEncrypted: type: boolean default: false required: - key additionalProperties: false secretReminderNote: type: string maxLength: 1024 nullable: true description: Note to be attached in notification email. secretReminderRepeatDays: type: number nullable: true description: Interval for secret rotation notifications, measured in days. secretReminderRecipients: type: array items: type: string description: An array of user IDs that will receive the reminder email. If not specified, all project members will receive the reminder email. newSecretName: type: string minLength: 1 description: The new name for the secret. secretComment: type: string description: Update comment to the secret. required: - projectId - environment additionalProperties: false parameters: - schema: type: string minLength: 1 in: path name: secretName required: true description: The name of the secret to update. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: anyOf: - type: object properties: secret: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true secretValueHidden: type: boolean required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt - secretValueHidden additionalProperties: false required: - secret additionalProperties: false - type: object properties: approval: type: object properties: id: type: string format: uuid policyId: type: string format: uuid hasMerged: type: boolean default: false status: type: string default: open conflicts: nullable: true slug: type: string folderId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isReplicated: type: boolean nullable: true committerUserId: type: string format: uuid nullable: true statusChangedByUserId: type: string format: uuid nullable: true bypassReason: type: string nullable: true required: - id - policyId - slug - folderId - createdAt - updatedAt additionalProperties: false required: - approval additionalProperties: false description: When secret protection policy is enabled '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteSecretV4 tags: - Secrets description: Delete secret requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project where the secret is located. environment: type: string description: The slug of the environment where the secret is located. secretPath: type: string default: / description: The path of the secret. type: type: string enum: - shared - personal default: shared description: The type of the secret to delete. required: - projectId - environment additionalProperties: false parameters: - schema: type: string minLength: 1 in: path name: secretName required: true description: The name of the secret to delete. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: anyOf: - type: object properties: secret: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true secretValueHidden: type: boolean required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt - secretValueHidden additionalProperties: false required: - secret additionalProperties: false - type: object properties: approval: type: object properties: id: type: string format: uuid policyId: type: string format: uuid hasMerged: type: boolean default: false status: type: string default: open conflicts: nullable: true slug: type: string folderId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isReplicated: type: boolean nullable: true committerUserId: type: string format: uuid nullable: true statusChangedByUserId: type: string format: uuid nullable: true bypassReason: type: string nullable: true required: - id - policyId - slug - folderId - createdAt - updatedAt additionalProperties: false required: - approval additionalProperties: false description: When secret protection policy is enabled '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v4/secrets/move: post: operationId: moveSecretsV4 tags: - Secrets requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string sourceEnvironment: type: string sourceSecretPath: type: string default: / destinationEnvironment: type: string destinationSecretPath: type: string default: / secretIds: type: array items: type: string shouldOverwrite: type: boolean default: false required: - projectId - sourceEnvironment - destinationEnvironment - secretIds additionalProperties: false responses: '200': description: Default Response content: application/json: schema: type: object properties: isSourceUpdated: type: boolean isDestinationUpdated: type: boolean required: - isSourceUpdated - isDestinationUpdated additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v4/secrets/duplicate: post: operationId: duplicateSecretV4 tags: - Secrets description: Duplicate one or more static secrets into another environment requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project containing the secret. sourceEnvironment: type: string description: The slug of the source environment. sourceSecretPath: type: string default: / description: The folder path of the source secret. destinationEnvironment: type: string description: The slug of the destination environment. destinationSecretPath: type: string default: / description: The folder path where the secret will be duplicated to. secretIds: type: array items: type: string format: uuid minItems: 1 maxItems: 50 description: Array of source secret IDs to duplicate. All secrets must belong to the source environment and path. Rotation and honey-token secrets cannot be duplicated. Maximum 50 secrets per request. shouldOverwrite: type: boolean default: false description: When true, overwrite an existing secret with the same key at the destination. When false (default), the request fails if the destination already has a secret with that key. attributesToCopy: type: object properties: value: type: boolean default: false comment: type: boolean default: false tags: type: boolean default: false metadata: type: boolean default: false skipMultilineEncoding: type: boolean default: false additionalProperties: false default: {} description: 'Object specifying which attributes of the source secret to copy to the destination. Each key is optional and defaults to false. Available keys: value, comment, tags, metadata, skipMultilineEncoding.' required: - projectId - sourceEnvironment - destinationEnvironment - secretIds additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: results: type: array items: anyOf: - type: object properties: sourceSecretId: type: string sourceSecretKey: type: string destinationSecretId: type: string required: - sourceSecretId - sourceSecretKey - destinationSecretId additionalProperties: false - type: object properties: sourceSecretId: type: string sourceSecretKey: type: string approval: type: object properties: id: type: string format: uuid policyId: type: string format: uuid hasMerged: type: boolean default: false status: type: string default: open conflicts: nullable: true slug: type: string folderId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isReplicated: type: boolean nullable: true committerUserId: type: string format: uuid nullable: true statusChangedByUserId: type: string format: uuid nullable: true bypassReason: type: string nullable: true required: - id - policyId - slug - folderId - createdAt - updatedAt additionalProperties: false required: - sourceSecretId - sourceSecretKey - approval additionalProperties: false description: Returned when the destination has an active secret-approval policy. required: - results additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v4/secrets/batch: post: operationId: createManySecretsV4 tags: - Secrets description: Create many secrets requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project to update the secret in. environment: type: string description: The slug of the environment to create the secret in. secretPath: type: string default: / description: The path to create the secret in. secrets: type: array items: type: object properties: secretKey: type: string minLength: 1 description: The name of the secret to create. secretValue: type: string description: The value of the secret to create. secretComment: type: string default: '' description: Attach a comment to the secret. skipMultilineEncoding: type: boolean nullable: true description: Skip multiline encoding for the secret value. metadata: type: object additionalProperties: type: string secretMetadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' isEncrypted: type: boolean default: false required: - key additionalProperties: false tagIds: type: array items: type: string description: The ID of the tags to be attached to the created secret. required: - secretKey - secretValue additionalProperties: false minItems: 1 required: - projectId - environment - secrets additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: anyOf: - type: object properties: secrets: type: array items: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt additionalProperties: false required: - secrets additionalProperties: false - type: object properties: approval: type: object properties: id: type: string format: uuid policyId: type: string format: uuid hasMerged: type: boolean default: false status: type: string default: open conflicts: nullable: true slug: type: string folderId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isReplicated: type: boolean nullable: true committerUserId: type: string format: uuid nullable: true statusChangedByUserId: type: string format: uuid nullable: true bypassReason: type: string nullable: true required: - id - policyId - slug - folderId - createdAt - updatedAt additionalProperties: false required: - approval additionalProperties: false description: When secret protection policy is enabled '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false patch: operationId: updateManySecretsV4 tags: - Secrets description: Update many secrets requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project where the secret is located. environment: type: string description: The slug of the environment where the secret is located. secretPath: type: string default: / description: The default path for secrets to update or upsert, if not provided in the secret details. mode: type: string enum: - ignore - upsert - failOnNotFound default: failOnNotFound description: Defines how the system should handle missing secrets during an update. secrets: type: array items: type: object properties: secretKey: type: string minLength: 1 description: The name of the secret to update. secretValue: type: string description: The new value of the secret. secretPath: type: string description: The default path for secrets to update or upsert, if not provided in the secret details. secretComment: type: string description: Update comment to the secret. skipMultilineEncoding: type: boolean description: Skip multiline encoding for the secret value. newSecretName: type: string minLength: 1 description: The new name for the secret. tagIds: type: array items: type: string description: The ID of the tags to be attached to the updated secret. secretReminderNote: type: string maxLength: 1024 nullable: true description: Note to be attached in notification email. secretMetadata: type: array items: type: object properties: key: type: string minLength: 1 maxLength: 255 value: type: string maxLength: 1020 default: '' isEncrypted: type: boolean default: false required: - key additionalProperties: false secretReminderRepeatDays: type: number nullable: true description: Interval for secret rotation notifications, measured in days. required: - secretKey additionalProperties: false minItems: 1 required: - projectId - environment - secrets additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: anyOf: - type: object properties: secrets: type: array items: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true secretValueHidden: type: boolean required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt - secretValueHidden additionalProperties: false required: - secrets additionalProperties: false - type: object properties: approval: type: object properties: id: type: string format: uuid policyId: type: string format: uuid hasMerged: type: boolean default: false status: type: string default: open conflicts: nullable: true slug: type: string folderId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isReplicated: type: boolean nullable: true committerUserId: type: string format: uuid nullable: true statusChangedByUserId: type: string format: uuid nullable: true bypassReason: type: string nullable: true required: - id - policyId - slug - folderId - createdAt - updatedAt additionalProperties: false required: - approval additionalProperties: false description: When secret protection policy is enabled '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false delete: operationId: deleteManySecretsV4 tags: - Secrets description: Delete many secrets requestBody: required: true content: application/json: schema: type: object properties: projectId: type: string description: The ID of the project where the secret is located. environment: type: string description: The slug of the environment where the secret is located. secretPath: type: string default: / description: The path of the secret. secrets: type: array items: type: object properties: secretKey: type: string description: The name of the secret to delete. type: type: string enum: - shared - personal default: shared required: - secretKey additionalProperties: false minItems: 1 required: - projectId - environment - secrets additionalProperties: false security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: anyOf: - type: object properties: secrets: type: array items: type: object properties: id: type: string _id: type: string workspace: type: string environment: type: string version: type: number type: type: string secretKey: type: string secretValue: type: string secretComment: type: string secretReminderNote: type: string nullable: true secretReminderRepeatDays: type: number nullable: true skipMultilineEncoding: type: boolean default: false nullable: true createdAt: type: string format: date-time updatedAt: type: string format: date-time actor: type: object properties: actorId: type: string nullable: true actorType: type: string nullable: true name: type: string nullable: true membershipId: type: string nullable: true groupId: type: string nullable: true additionalProperties: false nullable: true isRotatedSecret: type: boolean rotationId: type: string format: uuid nullable: true secretValueHidden: type: boolean required: - id - _id - workspace - environment - version - type - secretKey - secretValue - secretComment - createdAt - updatedAt - secretValueHidden additionalProperties: false required: - secrets additionalProperties: false - type: object properties: approval: type: object properties: id: type: string format: uuid policyId: type: string format: uuid hasMerged: type: boolean default: false status: type: string default: open conflicts: nullable: true slug: type: string folderId: type: string format: uuid createdAt: type: string format: date-time updatedAt: type: string format: date-time isReplicated: type: boolean nullable: true committerUserId: type: string format: uuid nullable: true statusChangedByUserId: type: string format: uuid nullable: true bypassReason: type: string nullable: true required: - id - policyId - slug - folderId - createdAt - updatedAt additionalProperties: false required: - approval additionalProperties: false description: When secret protection policy is enabled '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v4/secrets/{secretName}/reference-dependency-tree: get: operationId: getSecretReferencesV4 tags: - Secrets description: Get secret reference dependency tree parameters: - schema: type: string in: query name: projectId required: true description: The ID of the project where the secret is located. - schema: type: string in: query name: environment required: true description: The slug of the environment where the the secret is located. - schema: type: string default: / in: query name: secretPath required: false description: The folder path where the secret is located. - schema: type: string in: path name: secretName required: true description: The name of the secret to get the reference tree for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: tree: type: object properties: key: type: string value: type: string environment: type: string secretPath: type: string children: type: array items: {} required: - key - environment - secretPath - children additionalProperties: false required: - tree additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false /api/v4/secrets/{secretName}/secret-reference-tree: get: operationId: getSecretReferenceTreeV4 tags: - Secrets description: Get secret reference tree parameters: - schema: type: string in: query name: projectId required: true description: The ID of the project where the secret is located. - schema: type: string in: query name: environment required: true description: The slug of the environment where the the secret is located. - schema: type: string default: / in: query name: secretPath required: false description: The folder path where the secret is located. - schema: type: string in: path name: secretName required: true description: The name of the secret to get the reference tree for. security: - bearerAuth: [] responses: '200': description: Default Response content: application/json: schema: type: object properties: tree: type: object properties: key: type: string value: type: string environment: type: string secretPath: type: string children: type: array items: {} required: - key - environment - secretPath - children additionalProperties: false value: type: string required: - tree additionalProperties: false '400': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 400 message: type: string error: type: string details: {} required: - reqId - statusCode - message - error additionalProperties: false '401': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 401 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '403': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 403 message: type: string details: {} error: type: string required: - reqId - statusCode - message - error additionalProperties: false '404': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 404 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false '422': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 422 message: {} error: type: string required: - reqId - statusCode - error additionalProperties: false '500': description: Default Response content: application/json: schema: type: object properties: reqId: type: string statusCode: type: number enum: - 500 message: type: string error: type: string required: - reqId - statusCode - message - error additionalProperties: false servers: - url: https://us.infisical.com description: Production server (US) - url: https://eu.infisical.com description: Production server (EU) - url: http://localhost:8080 description: Local server